As large-scale cybersecurity attacks continue to create havoc in the enterprises, attackers are adopting a far-reaching approach to strengthen their impact. A report from Accenture Security outlined new methods that hackers are using to make money by gaining access to steal data.
According to a press release announcing the report, the results were collected from intelligence gathered from iDefense, a part of Accenture Security. In addition to the growth of the veritable number of attacks, they are also becoming more destructive and being utilized by other entities, such as nation-states, the release said.
“The first six months of 2017 have seen a treacherous evolution of ransomware producing more viral variants unleashed by potential state-funded cybercriminals. Our findings confirm that a new bar has been set for cybersecurity teams across all industries to defend their assets in the coming months,” Josh Ray, managing director at Accenture Security, said in the release.
According to the report, here are the five most notable threats facing the enterprise in 2017:
- Reverse Deception Tactics: Tools like anti-analysis code, steganography, and command-and-control servers are being used to hide stolen data, the release said.
- Sophisticated Phishing Campaigns: Phishing emails, often used to deliver malware, are becoming more sophisticated with the addition of specific company information regarding billing, logistics, and more.
- Strategic Use of Information Operations: Cyber attacks and cyber espionage are growing tools used by nation-states and other actors to achieve political disruption. There is a well-known hurdle among nations to procure confidential government data and pose a security threat especially in regard to Nuclear capable states.
- Alternative Crypto-Currencies: Bitcoin’s popularity is forcing cybercriminals to improve their laundering techniques or adopt different cryptocurrencies altogether.A significant number of countries are victims global money laundering rackets already.
- DDoS-for-Hire Services: Easy-to-use and affordable tools have made it easier than ever for attackers to offer Distributed denial of service (DDoS)-for-hire services.
“While the occurrence of new cyber attack methods is not going away, there are immediate actions companies can take to better protect themselves against malicious ransomware and reduce the impact of security breaches,” Ray said in the release.
In order to improve their stance against these threats, the Accenture report recommended that businesses take the following steps:
- Adopt proactive prevention – Properly trained employees who can recognize emerging threats can help an organization shred off potential problems at early stages and defuse potential damage.
- Elevate email controls – Spam filters should be present and authentication should be robust to make sure email is protected. Companies should also scan emails for potential threats.
- Insulate your infrastructure – Patch your apps and operating systems when necessary, make sure firewalls and virus scanners are configured and check your admin rights.
- Plan for continuity – A strong resilience plan that includes backups and it regularly updated can help hedge your bets against paying for ransomware.