Cyber Criminals are Becoming More Sophisticated

One constant in cybersecurity is the continual rise of sophistication and creativity of attackers.  In 2016, we will see a fundamental expansion of the techniques of attackers.  Integrity attacks will rise.

The industry has become comfortable with traditional Availability and Confidentiality attacks, which are typically crude but effective.

Denial of Service attacks, for example, undermine the availability of websites, services, and resources. Flooding networks, deleting files, and redirecting traffic are some of the brute tactics. Such maneuvers have been around for a long time and are well understood. Security tools and services can control such risks.

Recent data breaches are a great example of confidentiality attacks, which have exposed the personal and business data of millions. Attackers tend to break in, grab all the data they can, and run. Not especially elegant, but it works. The security industry is rapidly gaining traction with tools and practices to prevent such compromises.

Integrity attacks are something new. They are more sophisticated, well planned, and executed. They are about discreetly modifying specific data or transactions and can be much more devastating.

The scale of impact is vastly different.  It is not about selling credit card data or compromising ATM’s for a few thousand dollars.  Instead, it can create huge windfalls for organized criminals and advanced threats.

Last year, Carbanak, a malicious banking campaign, was detected. It selectively modified a relatively small number of very specific transactions. This one organized group stole 300 million to a billion dollars in total from over 100 banks by altering just a few transactions. Successes like that reinforce continued activities and further investment by the attackers.

Modifying trusted communications is also on the rise. Even something as simple as taking control of a company’s email system can allow an attacker to conduct fraudulent transactions. Several incidents are emerging where Accounts Payable departments have received ‘urgent’ emails from executives to immediately send checks to overseas vendors. Completely fraudulent. The attackers were able to hold an interactive discussion over email, successfully impersonating executives, to compel the transfer of funds.

Ransomware, another example of compromising the integrity of just a few files which remain on a victim’s system, is also growing rapidly.  It will be one of the scourges of 2016.  Cryptowall, a popular ransomware package, fleeced over 320 million dollars last year from unfortunate victims who paid the extortion.  Consumers, businesses, and even government agencies paid to have their access restored.  The scale of ransomware has never been so great and it continues to grow, fueled by its own success.  The criminals are benefitting from distinct advantages and will greedily continue for as long as they can.

When will the Integrity problems be tamed? Not for some time. They are just beginning to pick up. Integrity attacks are difficult to protect against, detect, and recover from. The security industry has not yet adjusted to emerging challenges, and attackers are taking advantage of the opportunity.

In 2016, sophisticated threats will pursue Integrity attacks, a challenging shift in the industry that everyone will have to be concerned with and overcome.

Matthew Rosenquist

About Matthew Rosenquist

Matthew Rosenquist is a Cybersecurity Strategist for Intel Corp and benefits from 20+ years in the field of security. He specializes in strategy, measuring value, and developing cost effective capabilities and organizations which deliver optimal levels of security. Matthew helped with the formation of the Intel Security Group, an industry leading organization bringing together security across hardware, firmware, software and services. An outspoken advocate of cybersecurity, he strives to advance the industry and his guidance can be heard at conferences, and found in whitepapers, articles, and blogs.