Targeted attacks against particular groups or entities are on the rise this year. Instead of a “spray and pray” approach, malicious hackers are getting particular about who and what they attack and how for maximum accuracy. Why? The right ransomware attack on the right data set to the right group of people can yield more monetary gain than an attack towards a general group of people at varying companies. To empower ourselves, we need to understand how cybercrime is “getting personal” and what we can do to prevent attacks like this.
Cybercriminals want to stay under the radar, so the more their attacks remain hidden from the public eye, the better chance they have to replicate that method on other vulnerable groups with lots to lose. Unauthorized adversaries target certain devices, computer systems, and groups of professionals most vulnerable to cybercrime.
Server hacking for faster monetary gain
Attacks on endpoint devices like computers and laptops are a thing of the past for evolving hackers who know that unsecured enterprise servers offer the best chances of staying undercover than device firewalls allow. Why get pennies and minimal personal information from a single laptop user when you can get millions from a few locked up servers that house incredibly sensitive data like billing information and credit cards?
The City of Baltimore experienced this firsthand with a ransomware attack that affected 14,000 customers with unverified sewer charges. Hackers demanded $76,000 in bitcoin to unlock city service computers, which impacted the delivery of water bills to local residents. While many residents might not mind skipping a payment, in the long run it’ll cause “surprise” bills when back-pay is requested.
Recently, Rivera Beach in Florida was one of the latest government entities to be crippled by a ransomware attack, and unfortunately, they paid almost $600,000 to hackers to regain access to their data.
But it’s more than a local city and state governments that are being attacked at this scale.
Multi-mass hacking for political disruption
Devices that are used by the masses are also at risk. Think about voting machines. Hacking into those machines has never been easier due to old devices and lack of security on them. To ensure the integrity of data, governments can consider using blockchain to maintain a more hardened security structure all the while, educating their election security professionals on the latest hacking methods so they can assess vulnerabilities on physical systems. The end result of voting machine hacking isn’t monetary per se—it’s much better—pure, unbridled political chaos and public distrust in election security and government operations.
Car-jacking to car hacking
Modern transportation system and vehicle attacks are on the rise too. Today’s cars are basically computers on wheels with the levels of code embedded within them. Hackers have been known to target cars to control key functions like brakes, steering and entertainment consoles to jeopardize the people in the car, as well as everyone around them on the road. In an interview with Ang Cui, CEO of Red Balloon Security, he notes “If you can disable a fleet of commercial trucks by infecting them with specialized vehicle ransomware or in some other way hijacking or crippling the key electronic control units in the vehicle, then the attacker could demand a hefty ransom.”
Cyber security professor Laura Lee notes, “The transportation sector is said to now be the third most vulnerable sector to cyber-attacks that may affect the seaport operations, air traffic control, and railways. The ubiquitous use of GPS information for positioning makes this sector especially concerned about resiliency.”
Preventing targeted cybercrime
In many of the incidences above and those not reported upon, humans are often the first and last line of defense for these companies and devices being attacked. Humans have the ability to detect vulnerabilities and gaps in security while also understanding what hackers are after when it comes to cybercrime tactics.
Our ability to handle both technical and analytical aspects of hacking means more can be done proactively to prevent targeted cybercrime like this. Specifically, in the field of training cyber security professionals, government and commercial entities should evaluate current training efforts to ensure their teams are 100% prepared for targeted attacks like these. How hackers attack changes every day so a persistent, enduring method of training would be critical to helping empower and enable defenders to anticipate, identify, and mitigate threats coming their way.
New cyber training approaches are using gamification to complement and enhance existing traditional, off-site courses. Currently, many traditional courses are passively taught with PowerPoint presentations and prescriptive video learning, often disengaging trainees who want to learn new cyber concepts and skill sets (in addition to staying “fresh” on the cyber fundamentals).
Government organizations and commercial enterprises would be smart to explore engaging ways to keep cyber team skills up to snuff while increasing skill retention rates during training.