According to the report, targeted ransomware is more damaging than if delivered from a bot, as human attackers can find and stake out victims, think laterally, trouble shoot to overcome roadblocks, and wipe out back-ups so the ransom must be paid. These attacks are different than ‘spray and pray’ style attacks that are automatically distributed through millions of emails, and this “interactive attack style,” where adversaries manually maneuver through a network step-by-step, is now increasing in popularity.
Sophos experts believe the financial success of SamSam, BitPaymer and Dharma to inspire copycat attacks and expect more happen in 2019.
Also, cybercriminals are employing Advanced Persistent Threat (APT) techniques to use readily available IT tools as their route to advance through a system and complete their mission; whether it’s to steal sensitive information off the server or drop ransomware.
With illegal Android apps on the increase, 2018 has seen an increased focus in malware being pushed to phones, tablets and other IoT devices. As homes and businesses adopt more internet-connected devices, criminals have been devising new ways to hijack those devices to use as nodes in huge botnet attacks.
In 2018, VPNFilter demonstrated the destructive power of weaponized malware that affects embedded systems and networked devices that have no obvious user interface. Elsewhere, Mirai Aidra, Wifatch, and Gafgyt delivered a range of automated attacks that hijacked networked devices to use as nodes in botnets to engage in distributed denial-of-service attacks, mine cryptocurrency and infiltrate networks.
For additional and detailed information on threat landscape trends and changing cybercriminal behaviors, please reference the entire Sophos 2019 Threat Report at www.sophos.com/threatreport .
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now