CS Nov-Dec 2020

hacking surge
technical expertise to develop the malware
and manage the DDoS attack process."
However, the world of technology has
'progressed' and it is entirely possible to
purchase a DDoS attack from the 'Dark web'.
"One simply has to make contact with one of
the numerous vendors of the services and
specify the target, the magnitude and
duration of the attack, pay the required fee
(usually in crypto-currency) and then one sits
back and observes as the crime unfolds," he
adds. "The DDoS attack will have an associated
service level agreement, but quite how the SLA
is enforced in the event of a disagreement is
currently an opaque area!"
This "commoditisation of cybercrime" now
extends beyond DDoS attacks, states Brear,
and it is possible to purchase ransomware
attacks, targeted hacks, bespoke malware,
phishing email templates, industrial espionage
services, and lists of potential targets for
frauds and extortion attempts. "The other
consequence of the commoditisation of
cybercrime is that traditional criminals can
purchase the required technical solutions to
combine with their criminal prowess, and
produce ever more inventive methods to
defraud and attack people and organisations."
Action Fraud, the UK's dedicated resource
for reporting fraud and cyber-crime, estimated
that UK citizens have already lost around
£16 million from online scams and frauds in
the earlier stages of the UK lockdown. "Also,
the illegal takeover, or compromise, of cloudbased
email accounts is approaching epidemic
proportions and shows no signs of abating
anytime soon," Brear warns.
"Despite the focus on disruption to business
operations created by the Covid-19 crisis, the
traditional challenges created by cybercrime
have not diminished and organisations need
to have in place appropriate protective
measures, security response plans and
business continuity arrangements to maintain
their critical services and functions." What is
clear from these findings is that the range of
threats that organisations face is increasing
and now, more than ever, it's essential that
companies have the right cyber resilience
strategies in place to counteract this growing
threat - which has only been amplified by the
coronavirus pandemic and remote working.
This is supported by another report, published
by cyber security specialist firm Mimecast,
titled 'State of Email Security', which has
detailed some of threats facing businesses
today. The report surveyed 1,025 global IT
decision makers. Some of key findings include:
60% of IT professionals surveyed believed
it's inevitable or likely they will suffer from
an email-borne attack in the coming year
72% of respondents reported an increase
in phishing on their organisations and,
due to the global pandemic, threat actors
are broadly using impersonation and
BEC to steal from unsuspecting users.
Mimecast has found that impersonation
fraud attempts jumped by a staggering
30% from January to April 2020
47% of IT professionals surveyed in the UK
say the volume of email-based spoofing of
customers, vendors or business partners,
using their brand to trick an organisation
into giving cybercriminals money, sensitive
intellectual property or login credentials
has increased over the past year
51% of IT professionals surveyed in the UK
say the volume of email-based spoofing
of well-known internet brands (Microsoft,
PayPal etc), asking employees for money,
sensitive intellectual property or login
credentials, has increased in the last year.
TIMES ARE CHANGING
This research comes at a time when
organisations across the globe have been
forced to adopt remote work policies for
employees in response to the coronavirus
pandemic. Threat actors have seized this
opportunity and evolved the ways they are
targeting their victims. Domain-spoofing and
email-spoofing have become mainstream
attack vectors, according to the report. Nearly
half of organisations (49%) surveyed report
anticipating an increase in web or email
spoofing and brand exploitation in the next
12 months, and it is a rising concern. In fact,
84% of respondents felt concerned about
an email domain, web domain, brand
exploitation or site spoofing attack. It is critical
for organisations to look beyond their email
perimeters to determine how cyber threat
actors may be using and damaging their
brands online.
Similar to years past, impersonation attacks,
phishing attempts and ransomware continue
to be a major problem, according to the
research. Seventy-two per cent of report
participants said phishing attacks remained
flat or increased in the previous 12 months
and 74% reported the same of impersonation
attacks. This indicates that phishing is
potentially becoming more difficult to stop
or prevent, due to more advanced tactics such
as spear-phishing.
Ransomware also continues to wreak havoc,
as just over half of respondents (51%) said
that ransomware attacks impacted their
organisation, citing data loss, downtime,
financial loss and loss of reputation or trust
among customers.
The State of Email Security 2020 report also
shines a light on the urgent need for a more
cyber-aware workforce. Encouragingly, 97%
of the respondents' organisations offered
security awareness training at varying
frequencies and formats. However, 60% of
those surveyed reported having been hit by
malicious activity spread from employee to
employee, pointing to the fact that the format
or frequency of these trainings could be the
problem. With frequent, consistent, engaging
content that humanises security, security
awareness training is an effective way to
reduce risk inside the network and
organisation.
While threat actors are visibly gaining in
sophistication and evolving, their tactics in
www.computingsecurity.co.uk @CSMagAndAwards Nov/Dec 2020 computing security
27