Since the very birth of the Internet, cybercrimes have been plaguing businesses and regular web users alike. Over the recent years, the issue of data privacy and security has picked up steam — billions of people have fallen victim to different kinds of cyber attack.
Analyzing the 2016-2018 reports on Cybercrime Tactics and Techniques, we have found out that the three prevailing types of crimes were Phishing, Ransomware, Crypto Scamming/Fraud. Why do cyber criminals use these methods?
Phishing
Phishing is a type of cyber attack aimed at getting users’ personal information like login credentials or bank details. The attacks are most commonly performed through email messages that contain malicious links, ad frauds, or ransomware. The hackers masquerade as a respected person, or a company that a victim trusts or might have a deal with. Therefore, phishing emails look authentic and intend to convince a user of urgency to reveal personal information. Such emails usually inform users about any financial threat posed to their account or lure them with promises of monetary gains. Phishing emails can be targeted at specific people and companies or can be sent to millions of potential victims trying to trick as many users as possible. The recent massive phishing scam occurred during World Cup 2018 in Russia. The fans were looking for affordable tickets and scammers marketed free and completely fake trips with phishing emails.
The process consists of several phases including:
- Planning. Hackers decide which company/business to focus on and how to obtain the necessary email addresses of customers. Among phishers’ favorite spoofed brands are Microsoft, PayPal, Facebook, Netflix, Bank of America, Dropbox and others.
- Weaponization. Once they determine the brand to spoof and their potential victims, hackers draft targeting messages, define the methods of collecting data like fake web pages, or prepare malicious attachments and check whether antivirus recognizes them.
- Attack. The victim opens the email and gets convinced that it’s, for instance, Microsoft who requires to follow the link because of some urgent notification.
- Collection. Having clicked on the link, the victim enters the required information on the website that looks familiar to the official one, and hackers record this information. The cyber attack is done.
Annually, the average phishing attack costs businesses from $1.3 million to $1.6 million.
Ransomware
It is a type of malware that encrypts the computer’s files and makes them inaccessible forcing a victim to pay a ransom for a key to decrypt the files. The ransom code is typically concealed in apps or software, and when the user opens it for the first time, the unique algorithm starts to encrypt the documents and pictures. However, the latest ransomware versions are also capable of pursuing executable files. Usually, the victim isn’t aware of the attack until the files are locked and ransom demand appears on the screen — sometimes, a countdown timer indicates that files will be deleted if the ransom isn’t paid on time.
The attackers behind ransomware often require payment in Bitcoin or any other cryptocurrency as it is almost untraceable. But as incidents reveal, paying a ransom doesn’t mean that hackers provide a key. Conversely, once you have paid they could demand more.
The most damaging ransomware are WannaCry, Petya and Locky. The average ransomware attack costs businesses around $5 million.
Crypto Scamming
Cryptocurrency scamming involves all kinds of fraud related to crypto coins: phishing, hacking, theft, crypto jacking, social engineering, Ponzi schemes, etc. The new peer-to-peer digital currency has fundamentally changed the way money transactions are made. However, it has also triggered some shocking scams and posed new challenges to cybersecurity. An average of $9.1 million a day was lost to crypto scams in 2018!
To date, the hack of cryptocurrency exchange Mt.Gox remains one of the largest in terms of the number of stolen crypto coins. The digital thieves managed to steal 850,000 Bitcoins worth $460 million at the time (2014). At Bitcoin’s highest price, it would have cost $17 billion and at its current price – more than $4 billion. The worst thing about it is that the coins were stolen little by little since 2011. Then, the hackers compromised the computer of the exchange’s auditor and stole the file with the private keys of the customers’ crypto wallets. These days, most wallets are protected by additional security measures, but in 2011 they weren’t. The digital thieves emptied the wallets for several years (2011-2014) and the crypto exchange’s system interpreted the spendings as deposits. This is only one of the numerous crypto frauds, though the monumental one.
Cybercrime trends in 2019
Based on the numerous reports by the leading security firms, we can conclude that cybercrimes will become even more severe, and here’s why.
#1 Ransomware will lead the game. Hackers quickly adapt their techniques to the changing security landscape. In 2019, they will combine ransomware with other types of attacks to make countermeasures less effective.
#2 IoT is still a weak link – more hacks are expected. The devices connected to each other via the Internet form the most vulnerable landscape for cyber crimes, and securing them can be extremely complicated.
#3 AI and ML for successful attacks. AI and ML-generated phishing emails have already proved to be more efficient than those generated by a person, so the hackers will use them massively this year. Furthermore, the employment of this advanced technology by malicious attackers isn’t limited to phishing only.
#4 Biometric authentication is exploited. As long as biometric logins are getting more common, attackers adjust to new rules. Cybercriminals are already capable of compromising biometrics and it’s a matter of time when they improve their methods. Biometrics as a single-factor authentication is easily exploited by hackers.
#5 The cloud-based environment is no longer a safe haven. Cloud computing has become a very popular technology. It makes operations more efficient by providing a shared pool of resources at any time for little to no cost. The huge collection of sensitive data on the Internet is a very attractive target for cybercriminals.
#6 Cryptocurrency as a prime target for attackers. Cryptocurrencies enjoy a lot of buzz nowadays due to their growth in value and their increasing popularity as an alternative method of payment. Cryptocurrency exchanges are now the biggest target of DDoS attacks globally.
Each type of cybercrimes carries a potential threat and serious consequences for individuals and businesses of all sizes. Unfortunately, today it isn’t a question of “what if” you are hacked, but “when”. Implementing strategic security and compliance measures to prepare for the technological changes of 2019 will minimize the risk of breaches. Cybercriminals will keep developing more sophisticated malware weaponization, for sure. However, creating a strong security foundation with scalable solutions will allow handling new cyber threats.