Virtualization Technology News and Information
Beachhead Solutions 2019 Predictions: Spearphishing and Ransomware Sophistication

Industry executives and experts share their predictions for 2019.  Read them in this 11th annual series exclusive.

Contributed by Cam Roberson, Director of the Reseller Channel at Beachhead Solutions

Spearphishing and Ransomware Sophistication – Security Predictions for 2019

Bad actors seeking to infect endpoint devices and cloud systems with malware that enables them to compromise sensitive enterprise data - or to encrypt access to that data using ransomware - will only increase the sophistication of their attacks and the dangers they pose in 2019.

Here's what we should expect to see throughout the coming year:

1) Spearphishing attacks are going to get even more difficult to detect.

Spearphishing attacks - in which attackers impersonate trusted sources and attempt to trick their targets into divulging sensitive data - will continue to become increasingly convincing as attackers leverage ever-more-detailed personal information.

In practice, an employee might receive an email that appears to be from their manager (complete with realistic details), and asks them to take some action that serves the attackers' nefarious purposes. Look for this trend to continue, as criminals are able to easily purchase troves of data on the dark web that contain personal information and augment that with data from social sites like LinkedIn and Facebook, further improving the apparent verity of their emails.

Criminals will also focus more intensely on techniques such as fooling employees into wiring a business's funds to false accounts, or sending sensitive employee information (such as W-2 forms) that can be further exploited. Expect attackers to also increasingly target cloud systems and ecommerce sites in 2019. By gaining access to an ecommerce employee's inbox, criminals can target customers with very authentic emails that include their purchase data and request reauthentication of their accounts - thus tricking those customers into sharing their own sensitive information. Beware your inbox in 2019.

2) These increasingly sophisticated spearphishing and social engineering attacks will lead more businesses to adopt more rigorous employee training and security policies.

Defending IT systems against data breaches will continue to call for a layered approach, including data encryption, robust endpoint access controls, employee training, and smart security policies. Because spearphishing and social engineering attacks seek to exploit employee behavior as the weakest link in business' security strategies, they will address this threat by introducing more thorough and regimented employee security training. For example, we're seeing a rise in managed service providers (MSPs) protecting their enterprise clients by pairing our device access controls and data encryption with tools like the Breach Secure Now! (BSN) employee training management solution. Such tools provide a framework for training employees to better recognize phishing emails and other malware threats, certifies employees in security best practices, and makes it possible to send employees simulated phishing emails to test their behavior in fully realistic scenarios. Expect businesses to adapt their policies to bolster security as well; for instance, requiring two separate approvals before sending sensitive employee data or wiring funds.

3) Ransomware will become even more of an organized business model for criminals in 2019.

Aside from the illegality of their activities, look for ransomware criminals to further resemble and behave like any other business in the software industry. These attackers are maturing to the degree that they will carefully target clients representing the richest opportunities, study growth metrics, and iterate their solutions and strategies to optimize their margins. For example, these attackers know they can buy a million emails on the dark web and hit them with bulk emails delivering ransomware (for a cost of about $600), and will also know the precise ROI to expect. Attacks of this nature are becoming much more fine-tuned and targeted; for example, while ransomware attacks have increased 229% in the last year, attacks targeting the automotive industry have increased 400% over that period, demonstrating that criminals have discovered ripe targets in that space where data is especially essential to businesses.

In a dark parallel to trends in the legal software industry, expect a further rise in ransomware-as-a-service, where attackers will purchase predefined ransomware attacks from specialized criminals who are effectively service providers.

4) Data protection solutions and ransomware criminals will play an ever more advanced game of cat and mouse.

With ransomware on the rise, businesses have sought to better protect their data, often by retaining safe data backups. In a ransomware attack, criminals successfully infiltrate a machine or cloud system, encrypt data, and ask the victim to pay them if they ever want to access their data again. If the victim has a safe copy of the data, they don't need to pay. However, criminals operating with enterprise-like sophistication have adapted their tools to also seek out and destroy data backups, or even encrypt data within cloud storage. As backup solution providers respond by introducing airgapped and off-network storage, criminals are developing "attack loops" with malware that lies dormant for months until it's backed up into airgapped storage, where it then goes off like a time bomb. This arms race of increasingly complicated attacks and defenses will only accelerate in the coming year.


About the Author


Cam Roberson is the Director of the Reseller Channel for San Jose-based Beachhead Solutions, which provides a PC and Mobile Device encryption service platform for MSPs and businesses across industries.

Published Thursday, December 20, 2018 7:19 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<December 2018>