As the world moves to becoming more digital, the need for cyber protection continues to increase, as significant changes in the threat landscape with more insights into emerging and evolving cybersecurity trends have resulted in more active and damaging cyber attacks globally.

The 2019 Threat Report recently launched by Sophos, compiled by its researchers, explores changes in the threat landscape over the past 12 months, uncovering trends and how they are expected to impact cybersecurity in 2019.

โ€œThe threat landscape is undoubtedly evolving; less skilled cyber criminals are being forced out of business, the fittest among them step up their game to survive and weโ€™ll eventually be left with fewer, but smarter and stronger, adversaries. These new cybercriminals are effectively a cross-breed of the once esoteric, targeted attacker, and the pedestrian purveyor of off-the-shelf malware, using manual hacking techniques, not for espionage or sabotage, but to maintain their dishonorable income streams.โ€ – Joe Levy, CTO, Sophos, as referenced in the SophosLabs 2019 Threat Report.

The SophosLabs 2019 Threat Report focuses on these key cybercriminal behaviours and attacks:

READ ALSO: Cyber mercenaries constitute biggest single challenge to financial institutions in Nigeria

ยทย ย ย ย ย ย ย ย ย Capitalist cybercriminals are turning to targeted ransomware attacks that are premeditated and reaping millions of dollars in ransom –ย 2018 saw the advancement ofย hand-delivered, targeted ransomware attacks that are earning cybercriminals millions of dollars.ย These attacks are different than โ€˜spray and prayโ€™ style attacks that are automatically distributed through millions of emails. Targeted ransomware is more damaging than if delivered from a bot, as human attackers can find and stake out victims, think laterally, trouble shoot to overcome roadblocks, and wipe out back-ups so the ransom must be paid. Thisย โ€œinteractive attack style,โ€ where adversaries manually maneuver through a network step-by-step, is now increasing in popularity. Sophos experts believe the financial success of SamSam, BitPaymer and Dharma to inspire copycat attacks and expect more happen in 2019.

ยทย ย ย ย ย ย ย ย ย Cybercriminals are using readily available Windows systems administration tools –ย This yearโ€™s report uncovers a shift in threat execution, as more mainstream attackers now employ Advanced Persistent Threat (APT) techniques to use readily available IT tools as their route to advance through a system and complete their mission โ€“ whether it is to steal sensitive information off the server or drop ransomware:

ยทย ย ย ย ย ย ย ย ย Turning admin tools into cyberattack tools
In an ironic twist, or Cyber Catch-22, cybercriminals are utilising essential or built-in Windows IT admin tools, including Powershell files and Windows Scripting executables, to deploy malware attacks on users.

Related News

ยทย ย ย ย ย ย ย ย ย Cybercriminals are playingย Digital Dominos
By chaining together a sequence of different script types that execute an attack at the end of the event series, hackers can instigate a chain reaction before IT managers detect a threat is operational on the network, and once they break in itโ€™s difficult to stop the payload from executing.

ยทย ย ย ย ย ย ย ย ย Cybercriminals haveย adopted newer Office exploitsย to lure in victims

Office exploits have long been an attack vector, but recently cybercriminals have cut loose old Office document exploits in favour of newer ones.

ยทย ย ย ย ย ย ย ย ย EternalBlueย becomes a key tool for cryptojacking attacks

Patching updates appeared for this Windows threat more than a year ago, yet the EternalBlue exploit is still a favourite of cybercriminals; the coupling of EternalBlue to cryptomining software turned the activity from a nuisance hobby into a potentially lucrative criminal career. Lateral distribution on the corporate networks allowed the cryptojacker to quickly infect multiple machines, increasing payouts to the hacker and heavy costs to the user.

ยทย ย ย ย ย ย ย ย ย The continued threat of mobile and IoT malwareย โ€“Malwareโ€™s impact extends beyond the organisationโ€™s infrastructure as we see the threat from mobile malware grow apace.ย With illegal Android apps on the increase,ย 2018 has seen an increased focus in malware being pushedย to phones, tablets and other IoT devices. As homes and businesses adopt more internet-connected devices, criminals have been devising new ways to hijack those devices to use as nodes in huge botnet attacks. In 2018, VPNFilter demonstrated the destructive power of weaponised malware that affects embedded systems and networked devices that have no obvious user interface. Elsewhere, Mirai Aidra, Wifatch, and Gafgyt delivered a range of automated attacks that hijacked networked devices to use as nodes in botnets to engage in distributed denial-of-service attacks, mine cryptocurrency and infiltrate networks.

 

Jumoke Akiyode-Lawanson

More from our Technology Column
Read Next
Untitled design(21)

How price drops affects cryptocurrency exchanges

By Frank Eleanya โ€ข November 21, 2018

Nigeria's leading finance and market intelligence news report. Also home to expert opinion and commentary on politics, sports, lifestyle, and more

Join BusinessDay whatsapp Channel, to stay up to date

Open In Whatsapp