Cisco has just released its Midyear Cybersecurity Report for 2017. This is a comprehensive survey of the cyber threat landscape and recommended reading.
A few interesting points that come out of the report include the following.
1. The fall and rise of spam
Early this century the volume of spam emails overtook the volume of legitimate emails for the first time.
However, in the last few years the tide seemed to be turning against spam, due in part to:
- aggressive regulatory action against botnets; and
- cyber criminals turning their attention elsewhere.
But it seems now that spam is on the rise again as a strategy of choice for the delivery of malicious payloads.
Once an email is in someone’s inbox, the cyber criminal then relies on the recipient’s assistance in some way, e.g., by clicking on a link or opening an attachment.
Levels of awareness of suspicious emails are probably relatively high and spam filters are becoming more and more effective, aided by AI.
But the laws of mathematics (which apply in Australia) tell us that given sufficient volumes of spam, someone, somewhere, will click on that link or open that attachment.
2. Attacks on the cloud
According to Cisco, cyber criminals are ‘working relentlessly’ to compromise corporate cloud networks.
However, it would seem to this author that cyber criminals could divert their resources elsewhere, as human error in configuring security controls on cloud services has already caused a number of breaches this year without cyber criminals having to lift a finger.
3. ‘Social engineering’ emails or Business Email Compromise (BEC)
A sort of refined species of spam, socially engineered emails – you know, the ones from your CEO telling you to urgently transfer $3.7m to a random third party’s bank account immediately or else.
This strategy is reaping massive rewards for cyber criminals. In fact the Cisco report concludes that BEC is “currently the most lucrative and profitable method to extract large amounts of money from a business,” outstripping revenue generated from ransomware attacks for example.
The attraction of BEC is that, because such emails don’t need to contain suspicious payloads or malware, they can slip past cyber defences looking for such risks and will probably fool most spam filters.
Once in an unsuspecting EA’s (executive assistant’s) inbox, spoofing makes the email look like it comes from the CEO. An urgent request that appears to be from the CEO means there is less tendency to stop and think, for example by hovering over the sender’s email address to check for spoofing.
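The sender check described above can be automated at the mail gateway or in a mailbox rule. The following is an added example, not code from the Cisco report or this post: it parses the From and Reply-To headers and flags the three BEC tell-tales discussed here, an executive’s display name on a foreign address, a lookalike sender domain, and a Reply-To that redirects replies elsewhere. The company domain, executive list and sample messages are all constructed for the example.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed values for this example: a hypothetical company and its executives.
CORPORATE_DOMAIN = "example.com"
EXECUTIVES = {"jane ceo": "jane.ceo@example.com"}

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot lookalike domains (examp1e vs example)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def domain_of(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def bec_indicators(raw_message: str) -> list:
    """Return the BEC warning signs found in a message's headers (empty list = none)."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    from_domain = domain_of(addr)
    findings = []
    # An executive's display name on an address that is not that executive's.
    expected = EXECUTIVES.get(name.strip().lower())
    if expected and addr.lower() != expected:
        findings.append(f"display name '{name}' on non-executive address {addr}")
    # Sender domain that is a near-miss of the corporate domain.
    if from_domain != CORPORATE_DOMAIN and edit_distance(from_domain, CORPORATE_DOMAIN) <= 2:
        findings.append(f"lookalike sender domain {from_domain}")
    # Reply-To silently redirecting replies to a different domain.
    if reply_addr and domain_of(reply_addr) != from_domain:
        findings.append(f"Reply-To {reply_addr} differs from From domain {from_domain}")
    return findings

# Constructed sample messages (not taken from the report).
SPOOFED = ("From: \"Jane Ceo\" <jane.ceo@examp1e.com>\r\n"
           "Reply-To: <payments@mail-relay.example.net>\r\n"
           "Subject: URGENT wire transfer\r\n\r\nPlease transfer $3.7m today.\r\n")
LEGIT = ("From: \"Jane Ceo\" <jane.ceo@example.com>\r\n"
         "Subject: Board papers\r\n\r\nAttached for Thursday.\r\n")

if __name__ == "__main__":
    for label, m in (("spoofed", SPOOFED), ("legit", LEGIT)):
        print(label, bec_indicators(m))
```

Header checks like this complement, rather than replace, SPF/DKIM/DMARC enforcement and a standing rule that payment instructions are confirmed out of band.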
4. Ransomware as a Service (RaaS)
Continuing a trend that has been in play for some time, it is now possible to purchase a ransomware attack as a service, for a fee.
5. Destruction of service (DeoS)
Terrified by the potential for a Distributed Denial of Service (DDoS) attack? Then read about the coming Destruction of Service (DeoS): cyber criminals not only locking access to your data but destroying it as well. This is coming, according to Cisco.
6. And the winner is …
Human frailty. The weakest link in your organisation from a cyber attack perspective is your people. Effective cyber training and awareness is therefore vital, particularly for the staff who support senior executives, as they are the ones most likely to be targeted in BEC attacks.
And make sure your IT admins configure your cloud security controls correctly. AWS won’t do it for you.