happier IT Inc.

View Original

The Evolution of Cyber Crime in 2017 – What We Saw

Each and every year, Cyber Crime is constantly evolving and the industry is now growing at a breakneck pace. Cyber Crime is no longer hackers in basements and viruses written by teenagers designed to cause damage. Today, Cyber Crime is conducted by organized crime and foreign states. It’s a multi-billion-dollar industry and it’s near impossible for law enforcement to identify, capture and prosecute the real players.

Now that 2017 is in the rear-view mirror we thought it would be an appropriate time to reflect on what we had seen and how the landscape has changed.

The Past Few Years

In 2014/2015, we saw an increase in social engineering resulting in fraud. Typically, the outcome was that an employee with financial capabilities was asked to wire money to the CEO/Owner/etc. for some purpose related to real events either in the executive’s personal life, or in the company’s. Often the request was made “in confidence” so the person being engineered didn’t ask around, and felt more inclined to help. Fortunately, banks slowly began to question such wire transfers and now often hold suspicious transfers (especially out of country) until they are confirmed.

In 2016, we saw a sharp rise in Ransomware. Ransomware works by infecting a business’ computer, encrypting all of the business’ data and demanding a ransom payment to unlock it; effectively crippling the business. Ransomware is extremely effective against small/medium sized businesses because many don’t have adequate defences or backup systems, forcing them to pay the ransom. Because of this, Ransomware quickly became the most predominant risk to Small/Medium sized businesses, affecting 4000+ businesses per day at an average ransom of $1077, and many being in the hundreds of thousands. The largest cost of Ransomware hasn’t shown to be the Ransom itself, but the downtime incurred by the infection, brand damage and legal ramifications of the breach.

What We Saw in 2017

Manned Attacks

Despite all the discussion and press about Artificial Intelligence, in Cyber Security we saw an increasing use of human intelligence.

Traditionally most attacks on small/medium businesses were carried out in an automated fashion. Typically attacks came in the form of a virus, spyware or ransomware, and they were typically distributed by email. In 2017 however, we began to see an increasing number of cyber criminals using humans to conduct the attacks.

The damage caused by humans, be it ransomware or otherwise, is much more insidious and harder to recover from. Human attackers typically perform more complex attacks and can circumvent defences more easily. In addition, human attackers have been known to delete backups, erase storage systems and cause other permanent damage.

Broader Social Engineering

In 2014/2015 there was a significant amount of fraud conducted against businesses. In order to perpetrate this fraud, cyber criminals used social media and information from corporate web-sites to determine organization structures and manipulate executives and senior staff.

We’re now seeing an increase in Social Engineering of employees. For example, employees are being called by fake “technical support” and asked for their password, or are sent emails asking them to login to their Office 365 account that contain links to fake login screens that captures their login information. While the payoff isn’t as immediate by targeting lower-level employees, this type of social engineering is typically easier and it gets them “inside the walls” allowing them to circumvent many defences and operate undetected while they attempt to gain elevated access.

Intelligent Password Cracking

Cyber criminals are still using software to test for weak, exploitable username/password combinations, but now they are using intelligent tools that learn password policies, making them more efficient and able to avoid detection.

What We Expect to See in 2018

Businesses that Aggregate Information Being Targeted

With the Equifax breach, we saw a sophisticated attack that was able to gain access to hundreds of millions of peoples’ personal financial information. The goal was none other than to steal this information. This highlights the value of personal information to the criminal underworld. In 2018, we expect to see attacks against organizations that house large volumes of personal information, particularly in the insurance, finance and healthcare space.

A Sharp Increase in Mobile Malware

Mobile Malware (spyware/viruses) have been growing in volume over the years. Mobile Malware is typically embedded in apps that are installed by the user and rest undetected on the device awaiting their intended target.

In 2017, there has been an increase in smaller attacks aimed at getting cyber criminals access to systems inside protected networks. We expect to see an increase in Mobile Ransomware that scans each network it connects to, looking for vulnerable systems to spread to. These systems will be used as a springboard for a larger attack.

Increase in Exploitation of IoT Devices

Internet-of-Things (IoT) devices are anything that connects to a network. This may be smaller non-critical devices such as light bulbs, thermostats and coffee pots. But in the commercial space this includes almost any industrial machine sold today. The problem is that many organizations install these devices and do not adequately secure or maintain their cyber security. These systems, if not protected and patched, provide cyber criminals with another way to hold businesses ransom.

Evolution of Ransomware

Cyber criminals have experienced first hand how profitable extorting businesses can be. While they will continue with traditional Ransomware, as more businesses invest in solutions to protect their data from Ransomware, cyber criminals will have to develop new tactics.  We expect that as data becomes more protected, these criminals will find innovative ways to hold a business’ production at ransom such as by disabling computer networks or exploiting IoT devices.

Let’s Start the Conversation

If you are a happier IT client and would like to start a conversation with your happier IT vCIO, please reach out to, team@happierit.com.

If you’re not yet a happier IT client, but you are interested in becoming one, please contact,  sales@happierit.com.