In 2019, cybercriminals cost businesses $3.5 billion, according to the FBI. That’s up from $2.7 billion in 2018. Cyberattacks happen so often that many businesses don’t even realize they’ve been breached until cybercriminals have compromised a significant amount of data and cost them millions in damages.
In the December report, “Threats of the Year: A look back at the tactics and tools of 2019”, Cisco outlined six of the biggest cybersecurity threats from 2019. In this blog, we‘ll take a deeper look at those threats and provide practical steps your business can take to address them in 2020.
1. DNS Hijacking
Domain Name System (DNS) hijacking is when a hacker redirects users from a legitimate website to a webpage the hacker controls. This is done by corrupting the records that directs search engines to find a website. For example, if you were banking online and your bank had been DNS hijacked, you would be redirected towards a webpage that looked and felt like your bank’s website but was actually just a front. Any login credentials you entered would go straight to the cybercriminal.
It’s difficult to 100% secure your business from a DNS hijacking attack because nothing on your server has acutely been corrupted. However, to make it harder on cybercriminals, consider the following:
- Choose a domain registrar that offers multi-factor authentication.
- Only use a domain registrar who allows you to lock down your DNS settings so that they can only be changed if your website’s administrator calls and gives the OK.
2. Remote Access Trojans (RATs)
A RAT is a malware program that cybercriminals use to remotely control a computer. RAT malware infections usually start with a user downloading an infected program without knowing it via an email attachment or through a game download. Once the RAT is installed, it takes administrative control of your system while staying hidden. This gives the cybercriminal the ability to do pretty much whatever they want with your system from a remote location.
Oftentimes, a RAT will monitor your activity with a keystroke logger to get your passwords and credit card information. Additionally, they might use your webcam to record a video of you or use your computer to distribute malware to other computers. To protect your company from RATs:
- Ensure you have up-to-date antivirus software
- Train your team to avoid downloading programs or opening attachments from untrusted sources
- Have your IT team monitor outgoing traffic for any irregularities
3. Threats in Encrypted Traffic
Most of our web traffic is encrypted, which is generally a good thing. We wouldn’t want to purchase an item online or send a work email if anyone could read our emails or see our credit card number. Cybercriminals are increasingly using that same encryption technology to mask their identities after they have gained access to a company’s IT systems. Since the majority of cybercrime now involves some form of encryption, this is something that every company needs to address.
The best thing you can do to identify malicious encrypted traffic on your network is to have your IT team run your encrypted data through “traffic fingerprinting,” a process that searches your data for patterns that match known malicious activity.
4. Office 365 Phishing
An Office 365 phishing attack involves a cybercriminal sending an email that appears to be from Microsoft Office with a link directing a user to log into their account. The link will direct you to a page that looks like it’s from Microsoft but is owned and operated by the cybercriminal. They are hoping that you believe the page you have been sent to is legitimate so that you provide your username and password. If you do so, the cybercriminal will have access to your account.
What you can do about Office 365 phishing:
- Your team is the first and most important line of defense against all types of phishing. Build a culture of IT security by educating and testing your team so that they take the right steps if they’re targeted.
- Utilize anti-phishing software that weeds out and identifies suspicious emails.
- Enable multi-factor authentication. Multi-factor authentication will help keep your users secure even if they mistakenly give away their credentials.
5. Social Media and Black Markets
Cybercriminals are not hiding in deep, dark corners of the internet. Instead, they’re using the same social media that everyone else does to communicate, purchase the software they use to hack, sell the data they’ve stolen, and to share the tips and tricks of their trade. Additionally, social platforms are often used by cybercriminals to glean the information they need to get into your account or to research their targets and build more effective socially engineered phishing campaigns.
Many people have information (i.e., first school, pet’s name, favorite sports) on their public profiles but also use those answers for their security questions, resulting in much higher risk for their accounts to be compromised.
Here are several steps you can take to be more secure while using social media:
- Use unique passwords for all accounts.
- Lock down your accounts to keep as much of your profile as private as you can.
- Employ the same precautions when opening messages on social accounts that you do via email. Cybercriminals use the same phishing techniques in both.
6. Digital Extortion Scams
Different than the other types of cybersecurity threats, digital extortion scam artists don’t try to get access to your accounts. Instead, they try to trick you into sending them funds directly through a convincing bluff. They make themselves appear like a credible threat by using one of your old passwords and usernames in the subject line of an email. Usually, they’ve found this information through a large company hack that happened years ago. The cybercriminals will then tell you they have access to your social media accounts, your webcam and have recorded or made pornographic video of you.
Unless you send them money via Bitcoin or other digital currency, they’ll spread the compromising material across the web and specifically to all your contacts. The truth is, in the majority of cases they don’t have access to your accounts and are playing on your emotions.
Here is what you can do about it:
- Use a password manager that allows you to create complex and unique passwords for each account.
- Develop a healthy level of skepticism. It’s very unlikely that the cybercriminals have the information they say they have on you.
- Report suspicious emails to your IT department. They can help determine if the email you received is a scam.
- Ensure that your spam filters are updated to catch the most recent forms of these scams.
Staying Protected in 2020
We expect cybercrime will cost businesses even more in 2020 than it did in 2019. Along with new variations on phishing and types of malware, we expect to see cybercriminals double down on the types of crime outlined in this blog.
Not sure where to start protecting your company from cybersecurity threats? Talk to an expert today.