Cybercrime is evolving to be more personal and surreptitious

Organizations need to think hard about why they might be a target of a data breach — as well as think about who their potential attackers might be if they are to keep sensitive information secure.

That’s the advice of Ajay Sood, FireEye, Inc.’s general manager for Canada, who said cybercrime’s constant evolution has meant it has moved away from just targeting financial data, such as credit card information, to more proprietary corporation information.

“Any form of intellectual property is at risk,” he said. Not only is anything that can be monetized under threat, but so is more personally identifying information (PII) and health information, noting the recent, high profile Ashley Madison breach as well as medical data exposed by Premera Blue Cross. “What could be more personal than that?”

Of course, any data is potentially valuable, acknowledged Sood, and generally falls into four buckets – political, intellectual, financial and now personal capital. And the criminals themselves are not necessarily interested in the data itself, but end up finding a way to monetize later on, he said. “Whether you think you’re target or not, your data is valuable to someone.”

The fact that it is valuable to you puts it a risk, which the rise of ransomware has shown. Cyber-criminals can lock up your data and encrypt it, forcing an individual or an organization to pay thousands of dollars to regain access to it, said Sood. “It doesn’t matter who you are. They may not be after you. They may be after the data you have access to.”

A recently published Cisco Systems Annual Security Report noted that ransomware has two main advantages to criminals: It is a low-maintenance operation, and it offers a quick path to monetization because the victims have to pay in cryptocurrencies.

Sood said a hallmark of cybercrime evolution has been complacency by design as organizations have come to rely on tools and technology, and viruses are Trojans are now see as annoyances. “Today the problem is invisible.” Users stumble across malware that provides hackers with access to systems to monetize an attack. “It’s quiet,” he said. “It surreptitious. That’s the objective of modern cybercriminals.”

FireEye’s consulting arm, Mandiant, recently released its seventh annual Mandiant M-Trends report, which found the average number of days it takes to discover a breach is 146. The report was compiled from advanced threat investigations conducted by Mandiant consultants in 2015.

Wednesday is the most popular day for “spearphishing” attacks, the report found, with 29 per cent of spearphishing emails being sent on Wednesday, compared to 20 per cent on Thursday and 10 per cent on Saturday.

Another key finding was that ransomware attacks are growing as hackers use malicious software to block access to a computer system until a ransom is paid. The amount of organizations being subject to ransomware has increased exponentially over the course of 2015, well before the high profile Hollywood Presbyterian Medical Center incident.

And just as Sood noted, many organizations are unware of a threat, as less than 10 per cent of organizations recognized an alert as an indication of ongoing threat activity and responded appropriately.

The M-Trends report delves further into several major trends it has seen developed, including what it dubs the “David v. Goliath” phenomenon of attackers disrupting businesses by destroying critical business systems, leaking confidential data, holding companies for ransom, and taunting executives. The Mandiant report said some attackers were motivated by money, while others claimed to be retaliating for political purposes or simply wanted to cause embarrassment.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Gary Hilson
Gary Hilson
Gary Hilson is a Toronto-based freelance writer who has written thousands of words for print and pixel in publications across North America. His areas of interest and expertise include software, enterprise and networking technology, memory systems, green energy, sustainable transportation, and research and education. His articles have been published by EE Times, SolarEnergy.Net, Network Computing, InformationWeek, Computing Canada, Computer Dealer News, Toronto Business Times and the Ottawa Citizen, among others.

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now