Pretoria – Computer network security company Sophos this week launched its 2019 threat report providing insights into emerging and evolving cybersecurity trends. The report explores changes in the threat landscape over the past 12 months, uncovers trends and looks at how they may impact cybersecurity in 2019.
“The threat landscape is undoubtedly evolving; less skilled cyber criminals are being forced out of business, the fittest among them step up their game to survive and we’ll eventually be left with fewer, but smarter and stronger, adversaries. These new cybercriminals are effectively a cross-breed of the once esoteric, targeted attacker, and the pedestrian purveyor of off-the-shelf malware, using manual hacking techniques, not for espionage or sabotage, but to maintain their dishonourable income streams,” said Joe Levy of Sophos.
The report focuses on these key cybercriminal behaviours and attack:
Cybercriminals are turning to targeted ransomware attacks: This year saw the advancement of hand-delivered, targeted ransomware attacks that are earning cybercriminals millions. These attacks are different from the ‘spray and pray’ style attacks that are automatically distributed through millions of emails. Targeted ransomware is more damaging than if delivered from a bot, as human attackers can find and stake out victims, think laterally, trouble shoot to overcome roadblocks, and wipe out back-ups so the ransom must be paid. This 'interactive attack style,' where adversaries manually maneuver through a network step-by-step, is now increasing in popularity.
Cybercriminals are using readily available Windows systems administration tools: This year’s report uncovers a shift in threat execution, as more mainstream attackers employ Advanced Persistent Threat (APT) techniques to use readily available IT tools as their route to advance through a system and complete their mission. In an ironic twist, or Cyber Catch-22, cybercriminals are utilising essential or built-in Windows IT admin tools, including Powershell files and Windows Scripting executables, to deploy malware attacks on users.