Cybercrime trends: Fewer, more precise attacks

Over the course of 2015, cyber attacks got somewhat less frequent but significantly more targeted and financially damaging.

According to its annual roundup of cybercrime breaches and vulnerabilities in Canada, global security software provider Trend Micro reports blocking more than 52 billion threats in 2015, a 25 per cent decrease from 2014.

But while the number of attacks is decreasing, they’re becoming more precise in their targeting, more advanced in their methodology and more financially damaging to both individuals and corporations.

“We’re seeing more of a focus from cyber criminals,” said Mark Nunnikhoven, Trend Micro’s vice-president of cloud research, based in Ottawa. “We’re seeing more and more attacks that are targeting banking details and ransomware, where there’s a direct payoff for cyber criminals, whereas in previous years we saw more attacks that had indirect payoffs, like turning your machine into a bot to send spam or using it in an attack later on.”

Financial cybercrime in Canada

When it comes to physical credit card thefts and forgeries, Canada has remained well protected, thanks to the adoption of chip-and-pin technology.

“It’s a relatively pain-free security control for us as citizens,” said Nunnikhoven. “What we’ve seen in the criminal underground is a distinct difference in what Canadian credit card information is worth versus, let’s say, U.S. credit card information.”

Nunnikhoven adds that Canadian financial institutions automatically flag all transactions that don’t include both chip and pin, which has devalued Canadian credit card information on the black market.

As a relatively affluent country, however, Canada is not immune to cyber attacks against its financial institutions, which are being targeted specifically through the Angler Exploit Kit, explains Nunikhoven.

“What we saw is evidence of these kits being tailored toward Canadian brands and Canadian banks,” he said. “We saw attacks being specifically run against the top Canadian banks and some of our top credit unions, as well as our big telcos.”

An ‘explosion’ in ransomware

Instances of ransomware attacks, which encrypt and freeze personal devices until such time that a ransom is paid to the attackers, has grown significantly over the past year.

“I think we’re going to see an absolute explosion in ransomware,” he said. “It was big last year, it’s going to be bigger this year, and that’s due to the fact that it’s a massive money-maker for criminals.”

While these attacks primarily targeted personal devices in 2015, Nunnikhoven has reason to believe the threat could extend to businesses this year.

“What we started to see is ransomware targeting things like web servers, taking businesses offline,” he said. “I think that’s going to become more popular from the criminal’s perspective, because that’s an even more attractive money maker, especially for e-commerce [companies].”

How IT staff can protect employees

When it comes to protecting themselves and the business from such attacks, Nunnikhoven’s suggestion to IT security staff is, first and foremost, to double down on the basics.

“The No. 1 infection vector is through phishing emails, so you want to make sure your employees are aware of what a phishing email looks like,” he said. “More importantly, you want to filter as many of those out as possible on the mail server so your users never have to make that decision.”

Nunnikhoven adds that companies should also increase filters on outbound Internet traffic to protect users from infections that get through, “because it’s a safety net to make sure that even if your users click on a phishing link, they won’t get that infection.”

Image courtesy of Free Digital Photos