Cybercriminals are behaving much more like businesses than they used to. This is according the new Sophos Threat report. Right now, ransomware is particularly worrying, says Chester Wisniewski, of Sophos.
Not only are the tools being used by cybercriminals getting more sophisticated (they are using virtual machines to get past many anti-ransomware tools) but the amount of money that the criminals are extorting is far higher than it used to be.
Once a ransom of $600,000 was seen as huge. Now ransoms of $15 million are being reported.
No longer are cybercriminals bothering with selling credit card details or data, they are now making their money by doing things such as getting into a company’s site and data and then selling that access point.
Nation-states are not helping, as their attacks become more sophisticated too. And the pattern that is emerging is that they are using the same tools as the cybercriminals to better disguise what they are doing. And they are using companies’ security tools against them, making matters even worse.
For a while now, Russian hackers have been leaving clues that point the authorities to Chinese hackers (and probably vice versa).
Ransomware is not the only attack vector that is becoming more sophisticated. Phishing is still at the top of the agenda. The most recent example is the attack on AstraZeneca by North Korean agents, who used LinkedIn and WhatsApp to approach staff with fake job offers and then sent them a poisoned document, purporting to be the job description.
The attack, so we understand, was not successful.
The pandemic, of course, has made the threats greater. People will be willing to search for information, treatments, the status of vaccines and will therefore be more trusting of documents that supposedly supply that information.
Working from home has also stretched IT and security departments to the limit as cybercriminals use the vulnerabilities of a distributed workforce to attack companies.
The Sophos Threat Report for 2021 is something you should probably download. It is free and, refreshingly, does not require registration. It covers the activities of cybercriminals across many arenas and provides advice on how to best counter these ever-growing threats.