Tag Archive for: Tactics

Cybercriminals evolving their tactics to exploit collective human interest

/in


Phishing activity increased significantly in the first few months of 2020, taking advantage of pandemic-induced product shortages and increased usage of streaming services, OpenText reveals.

cybercriminals evolving tactics

For the first time, eBay topped the list of brands most targeted for impersonations, with 31.1% of all phishing attacks in the month of February impersonating eBay. In March, phishing activity surged among streaming services YouTube (3064%), Netflix (525%) and Twitch (337%).

“Gathered from over 285 million real-world endpoints and sensors, and leveraging the extensive BrightCloud network of industry-leading partners, this year’s Threat Report clearly shows how cybercriminals are willing and able to evolve their tactics to exploit collective human interest and current events,” said Prentiss Donohue, EVP, SMB/C Sales, OpenText.

“The findings underscore the need for users and businesses of all sizes to enact a multi-layered approach to data security and protection given the persistent creativity of cybercriminals.”

cybercriminals evolving tactics

Phishing

  • Attacks increased 510% from January to February alone
  • The top five phishing targets of the year were eBay, Apple, Microsoft, Facebook and Google
  • By the end of 2020, 54% of phishing sites used HTTPs. Use of HTTPS varies considerably based on the industry being targeted and is most heavily used when spoofing cryptocurrency exchanges (70% of the time), ISPs (65%), and gaming (62%)

Malware

  • 86.1% of malware is unique to a single PC
  • 83% of Windows malware hides in one of four locations. One of which, %appdata%, saw the infection rate jump 59.2% YoY
  • Consumer devices saw twice as many malware infections when compared to business devices

Infection rates by country and industry

  • At 2.3%, Japan had the lowest PC infection rate per region, followed by the United Kingdom (2.7%), Australasia (3.2%) and North America (3.7%)
  • In Europe, home devices were more than three times as likely to encounter an infection as business devices (17.4% versus 5.3%)
  • Based on reported data, health care and social assistance (down 41.4% from the YoY average) led in terms of industries with the lowest infection rates, while the highest industry infection rates were seen by wholesale trade,…

Source…

Measures against China’s ‘gray-zone’ tactics detailed

/in


  • By Wu Su-wei and Jonathan Chin / Staff reporter, with staff writer

The Ministry of National Defense has elaborated on the military’s countermeasures against China’s “gray-zone conflict” tactics in a comprehensive review of Taiwan’s defense strategy.

The ministry’s 2021 Quadrennial Defense Review, which was on Thursday delivered to the Legislative Yuan’s Foreign Affairs and National Defense Committee for review, highlights the Chinese People’s Liberation Army’s (PLA) increasing use of gray-zone conflict methods, including cognitive warfare, disinformation, and air and sea patrols.

The methods are employed by the PLA to exhaust Taiwan’s armed forces and morale, the ministry said.

Photo provided by the Coast Guard Administration via CNA

The PLA’s cognitive warfare strategy is based on the “three forms of warfare” concept, which refers to public opinion warfare, psychological warfare and legal warfare, which are conducted to create internal contradictions in Taiwan, the ministry said.

The ministry’s answer to cognitive warfare is the creation of rapid response mechanisms that use technology to counter disinformation, provide factual rebuttals across multiple media, stop public panic, and create counter-narratives with international partners, it said.

China has reorganized its forces to augment its cyberwarfare capabilities, and PLA cyberunits are deployed for intelligence gathering and for stealing military, industrial and commercial secrets, it said.

Another part of the PLA’s effort is directed toward identifying gaps in Taiwan’s cyberinfrastructure to exploit them, including attacking these targets during a war to paralyze the nation’s government, security forces and military, the ministry said.

The armed forces are to stop these threats by implementing information security mechanisms, increasing defensive capabilities and strengthening collaboration with cybersecurity agencies, it said.

The…

Source…

Beware of 13 Tactics, Tools and Procedures

/in


Fraud Management & Cybercrime
,
Fraud Risk Management
,
Governance & Risk Management

Use Threat Hunting to Better Spot Attacks in Progress, Security Experts Recommend

Mathew J. Schwartz (euroinfosec) •
February 26, 2021    

Ransomware: Beware of 13 Tactics, Tools and Procedures
Cobalt Strike is a legitimate penetration tool that ransomware-wielding attackers often use to help hit targets.

Ransomware continues to sting numerous organizations, and the problem only seems to be getting worse. So, defenders across every type of targeted organization – including government agencies and private businesses – would do well to have more effective defenses in place.

See Also: Top 50 Security Threats


Such defenses would ideally include organizations proactively looking for known ransomware attackers’ tactics, techniques and procedures. That kind of threat hunting can help defenders spot attacks in the reconnaissance phase before they progress to data being exfiltrated or systems getting crypto-locked.


But where to begin?


First, perhaps, by acknowledging that the status quo isn’t working. Indeed, ransomware continues to generate large profits for criminals, reports ransomware incident response firm Coveware.



These are average and median ransom payments made by victims based on thousands of cases investigated per quarter by Coveware. While averages have recently declined, overall profits remain high.

The state of ransomware defenses doesn’t appear to be improving – or at least not as quickly as attackers continue to innovate. Last year,…

Source…

9 New Tactics to Spread Security Awareness

/in


Employees are often your first line of security defense when the bad guys come calling — providing your workers are properly trained. Security leaders share how they’re raising awareness.

Sometimes security awareness training is ineffective. Sometimes it’s considered in poor taste.

For example, in a move that was criticized earlier this year, newspaper giant Tribune Publishing sent out a phishing simulation to staff. The “lure” was the promise of a bonus between $5,000 and $10,000. The email instructed employees to log in to “view your end of year bonuses.” And when they did, they received a notification of enrollment in a computer security training program. However, the awareness campaign raised eyebrows because Tribune Publishing had recently laid off and furloughed many employees.  

Perry Toone, founder of email service firm TheXYZ, says a similarly disastrous experiment with phishing employees led him to abandon the tactic.

“We created a fake phishing site and encouraged users to click a link in an email,” he says. “When they did, we informed them that they had failed the phony phishing test. It turned out, this was not a good idea. Many people freaked out, thinking they have been hacked. Wouldn’t do it again.”

OK, so these are both examples of awareness training that fell flat. But what’s working these days? The Edge reached out to several security leaders to hear about the new tactics they are employing to evangelize security in their organizations these days.

Joan Goodchild is a veteran journalist, editor, and writer who has been covering security for more than a decade. She has written for several publications and previously served as editor-in-chief for CSO Online. View Full Bio

Previous

1 of 10

Next

 

Recommended Reading:

More Insights

Source…