Search DubaiPRNetwork.com

Dubai and UAE
Home >> Technology

Sophos 2019 Threat Report: Unveils the rise of the hand-delivered, targeted cyberattacks as criminals stalk victims to bank millions

Thursday, November 15, 2018/ Editor -  

Share

Home >> Technology

 

Sophos (LSE: SOPH) today launched its 2019 Threat Report providing insights into emerging and evolving cybersecurity trends. The report, produced by SophosLabs researchers, explores changes in the threat landscape over the past 12 months, uncovering trends and how they are expected to impact cybersecurity in 2019.

“The threat landscape is undoubtedly evolving; less skilled cyber criminals are being forced out of business, the fittest among them step up their game to survive and we’ll eventually be left with fewer, but smarter and stronger, adversaries. These new cybercriminals are effectively a cross-breed of the once esoteric, targeted attacker, and the pedestrian purveyor of off-the-shelf malware, using manual hacking techniques, not for espionage or sabotage, but to maintain their dishonorable income streams.” - Joe Levy, CTO, Sophos, as referenced in the SophosLabs 2019 Threat Report.

The SophosLabs 2019 Threat Report focuses on these key cybercriminal behaviors and attacks:

Capitalist cybercriminals are turning to targeted ransomware attacks that are premeditated and reaping millions of dollars in ransom - 2018 saw the advancement of hand-delivered, targeted ransomware attacks that are earning cybercriminals millions of dollars. These attacks are different than ‘spray and pray’ style attacks that are automatically distributed through millions of emails. Targeted ransomware is more damaging than if delivered from a bot, as human attackers can find and stake out victims, think laterally, trouble shoot to overcome roadblocks, and wipe out back-ups so the ransom must be paid. This “interactive attack style,” where adversaries manually maneuver through a network step-by-step, is now increasing in popularity. Sophos experts believe the financial success of SamSam, BitPaymer and Dharma to inspire copycat attacks and expect more happen in 2019.

 

  • Cybercriminals are using readily available Windows systems administration tools- This year’s report uncovers a shift in threat execution, as more mainstream attackers now employ Advanced Persistent Threat (APT) techniques to use readily available IT tools as their route to advance through a system and complete their mission – whether it’s to steal sensitive information off the server or drop ransomware:
  • Turning admin tools into cyberattack tools
  • In an ironic twist, or Cyber Catch-22, cybercriminals are utilizing essential or built-in Windows IT admin tools, including Powershell files and Windows Scripting executables, to deploy malware attacks on users.
  • Cybercriminals are playing Digital Dominos
  • By chaining together a sequence of different script types that execute an attack at the end of the event series, hackers can instigate a chain reaction before IT managers detect a threat is operational on the network, and once they break in it’s difficult to stop the payload from executing.
  • Cybercriminals have adopted newer Office exploits to lure in victims

Office exploits have long been an attack vector, but recently cybercriminals have cut loose old Office document exploits in favor of newer ones.

EternalBlue becomes a key tool for cryptojacking attacks
Patching updates appeared for this Windows threat more than a year ago, yet the EternalBlue exploit is still a favorite of cybercriminals; the coupling of EternalBlue to cryptomining software turned the activity from a nuisance hobby into a potentially lucrative criminal career. Lateral distribution on the corporate networks allowed the cryptojacker to quickly infect multiple machines, increasing payouts to the hacker and heavy costs to the user.


Previous in Technology

Next in Technology


Home >> Technology Section

Latest Press Release

du introduces du Smart Car, an innovative WiFi device with remote monitoring and ...

Exciting Lineup of Recreational Events and Educational Activities at Mohammed Bi ...

Visit Qatar to take centre stage at Arabian Travel Market

Emirates lands in Phnom Penh

Maserati and GranCabrio Trofeo at the Motor Valley Fest 2024

Mitch Evans Thrilled To Seal First Formula E Win Of The Season

Liali Shines Brighter: New Boutique, Brand Identity and Collection to start a Ne ...

Tanishq Ready For Akshaya Tritiya Gold Rush

DAE announces Financial Results for the three months ended March 31, 2024

Panasonic Launches SMARTCARE World; Holds Strategy Conference, Technical Olympic ...

Mohamed Al Hussaini Meets World Bank Vice President for the Middle East and Nort ...

EGA hosts world leading alumina experts for global technical forum in Dubai

Dubai Customs Clinches Two Prestigious Global Awards for Governance Excellence

Dubai Future Foundation launches the second Design Gov Program

‘Eclipse' Timepiece Redefines Feminine Charm

Turkish Airlines, Airbus and Rolls-Royce to Strengthen Partnership

Immerse Yourself In The Enchanting Allure Of Spring With The "Sakura Colle ...

Emirates partners with Aviation Impact Accelerator, pledging funding for researc ...

Philip Morris International Reports First-Quarter 2024 Results and Updates Full ...

Carrefour Supports UAE's National Nutrition Strategy by Rewarding Healthier Choi ...