Trend Micro: Beware Digital Extortion Attacks This Year - Maritime Cyber Alliance
Welcome
About
News
Anonymous Reporting
Tools
MCA Chatter
Library
V-ID Terminal
Support
My Account

News

Icon representing US Coast Guard Bulletin: Cyber Adversaries Targeting Commercial Vessels
US Coast Guard Bulletin: Cyber Adversaries Targeting Commercial Vessels

June 21st 2019
Icon representing Would you pay $1m for a laptop full of malware?
Would you pay $1m for a laptop full of malware?

May 23rd 2019
Icon representing Singapore Opens Maritime Cybersecurity Operations Centre (MSOC)
Singapore Opens Maritime Cybersecurity Operations Centre (MSOC)

May 22nd 2019
 
 
 

Trend Micro: Beware Digital Extortion Attacks This Year

 
January 30th 2018
Cyber-criminals will find new ways to blackmail and extort organizations and individuals in 2018, supercharging ransomware, launching online smear campaigns and firing out targeted attacks aimed at key facilities, according to Trend Micro.

The security giant’s latest report, Digital Extortion: A Forward-Looking View, warns that 2017 was just the tip of the iceberg in terms of what the black hats can do.

Over the coming year, ransomware campaigns are likely to be tweaked yet further for greater impact: for example, by focusing more on organizations like hospitals and manufacturing companies, where downtime could be catastrophic but security investments may lag other sectors.

“We expect ransomware criminals to add new features to their creations by reusing the old book of traditional malware techniques,” explained report author, David Sancho. “It would not be unreasonable to think that they might use portable executor infectors or any other more aggressive delivery technique in order to increase the speed of the infections and spread the impact far and wide.”

Attacks could be accelerated by ensuring the malware knows what file types to search for and encrypt according to the organization — i.e. image and video files at a media company.

The report also warns of dynamic pricing techniques which could automatically set a fee for the decryption key based on the nature of the business.

Other forms of targeted attack designed to extort companies and individuals in 2018 could include breaches of adult websites, like the infamous Ashley-Madison incident; attacks on blockchain technologies; supply chain disruption; and manufacturing process alterations.

In the case of the latter two examples, attackers could plant malware and/or alter processes and then demand a fee to call off their attack.

Online blackmail could also make a big impact this year, with digital smear campaigns timed to cause maximum damage to an individual or organization — think a politician in the run-up to a major election.

The potential for convincing spoofed video footage to cause mayhem makes fake news fact checking even more important, the report claimed.

Organizations should prepare for the above scenarios in their incident response plans and educate employees and management “against both typical and atypical digital extortion attempts, especially when it comes to phishing and social engineering,” urged Sancho.

Source

Keywords