5 Daunting Cybersecurity Trends in 2019
With the greater half of 2019 still to come, there are still chances for a breach in cybersecurity. If you and your business are yet to be aware of the potential threats, your company may be at risk. Looking back at 2018 and its cybersecurity threats, we can better predict what might be in store for 2019. Fear has been and still is a powerful thing to leverage for criminals. Here, we will discuss the 5 frightening trends in cybersecurity.
Share this Image On Your Site
Security researchers reported a new way of email phishing attempts that threaten to release captured webcam footage if a ransom were not met. The emails would start off by stating the user’s password and claim that the entire system has been compromised. Further down in the email, the attacker threatens that the user was recorded on the webcam to have partaken in compromising acts. If the Bitcoin address was not met, then the footage would be sent to the user’s entire contact list. To make the email appear more authentic, the attackers would change the source email address to the user’s own. After more insight to this threat, it was debunked that the attacker had access to the system, but they actually were using the user’s leaked passwords from a previous public breach. Scammers have profited as much $50,000 in a week using this type of attack.
Like the previous scam, this hacker uses threats the involve access to the user’s webcam. In one case of this attack, a family in Texas was threatened with the kidnapping of their baby. The couple heard disturbing noises from their baby’s room and when they entered, they heard a man’s voice coming through their cloud enabled monitoring system. The family is fine, but the attacker was remotely accessing the cloud system. Unfortunately, there have been many more reports of similar stories where attackers are hacking into cameras and monitoring devices. This is a prime example of how Internet of Things (IoT) devices are an area of concern for consumers and businesses.
Hitman for Hire
Hitman for Hire is another phishing attempt via email that was prevalent in 2018. In another poorly written email, the attacker would claim to own a dark web site that provided hitman services. They would say that they found the user’s name as a target on the site and would “generously” offer to take the name off the list if the user were to pay $4,000. After the attacker provided the Bitcoin address, the targeted user would have 36 hours to pay. This extortion attempt caught the attention of the FBI and other law enforcement agencies, but has not been deemed a legitimate threat since no one has seemed to pay the $4,000. Although this threat is not as precise or subtle as the sextortion emails, it shows that attackers are attempting to use fear as leverage. What is even scarier is that there are real hitman for hire websites on the dark web.
Attacks By Our Own Devices
Last year, in 2018, IoT devices made such a huge presence that they became ticking time bombs for attacks against users. Distributed Denial of Service (DDoS) attacks spiked by 500% in 2018 largely due to the increase of the amount of IoT devices that were compromised. Those devices are targeted by attackers mainly because they make perfect botnets. Once compromised, they sit undetected until they are called upon to attack. When one device is compromised, the same attack can be used against all other devices.
Supply Chain Poisoning
A supply chain attack is when someone enters a user’s system through an external partner or provider who has access to the user’s data. It can be from physical chips embedded within servers, but the most common way is through third-party softwares. 56% of organizations report that the breaches they have experienced were caused by one of their vendors.
As phishing attacks get smarter, IoT devices need to be upgraded with additional security controls. Being a numbers game, even if one out of 500 people open the email, the attacker is successful. If a tiny bit of personalization were to be introduced into those phishing emails, the odds are improved for the attackers. With these cybersecurity trends for 2019, users can be more aware and conscious of their devices and take personal measures to secure themselves.