5 current cyber attack trends | Pentest7

The Federal Office for Information Security (BSI) warns that companies are being hit more and more by cyber attacks. Critical infrastructures (Kritis) and financially strong companies are particularly at risk.

In the past twelve months, cybercriminal extortion methods have intensified noticeably. This is a central finding of the BSI report “The Situation of IT Security in Germany 2021”. Rohde & Schwarz Cybersecurity summarizes the five most important new attack trends and explains how you can protect yourself.

Ransomware attacks have played an increasing role in threatening businesses for several years. In its current situation report, the BKA even described ransomware attacks as the greatest cybercrime threat for German companies and public institutions. In a ransomware attack, cyber criminals encrypt the victim's data and demand a ransom before releasing it.

The BSI also recognizes new variants of blackmail attacks. According to the current situation report, extortion of protection money and hush money is also increasing. A global campaign was already observed in autumn 2020, in which cyber blackmailers extorted protection money from wealthy victims under threat of distributed denial-of-service attacks (DDoS attacks). In a DDoS attack, websites are flooded with so many requests that they can no longer be reached. There is also an increasing number of hush-money extortion cases, in which data is no longer only encrypted, but also exfiltrated. The attackers threaten to publish the data if payment is not made.

  1. Blackmailers specifically select financially strong victims

“Big Game Hunting” is the term for targeted extortion attacks on financially strong companies. According to the BSI report, the attackers set the ransom amount based on, for example, publicly available information about their victims, such as the size of the company or its quarterly figures. In addition, corporate networks are spied on before the actual attack in order to identify suitable targets. Multi-stage attack strategies are used here. The BSI describes this as follows: First, the Trojan Emotet is smuggled in. It serves as a door opener. The “Trickbot” malware is then downloaded to spy on the network, harvest passwords and inspect accounts. For particularly worthwhile targets, the ransomware “Ryuk” was installed and a ransom was extorted. Clemens A. Schulz from Rohde & Schwarz Cybersecurity warns: “The Emotet virus has now been shut down. However, it is only a matter of time before new – possibly even more powerful – variants of such door openers appear.”

  1. Lots of new virus variants

According to the BSI, the number of new malware variants increased daily by an average of just over 394,000 in the last reporting period. This corresponds to an increase of 22 percent. At times, peak values of 553,000 new variants per day were reached. These figures make it clear how fast the cybercrime market has grown and how professionally the players are proceeding. Schulz explains why variants are so dangerous: “Common firewalls and antivirus programs can only stop malware that is already known to them. The greater the number of new and unknown types of attack, the greater the likelihood that they will enter a company’s IT networks unnoticed.”

  1. Attackers bet on a double strike

The BSI has observed that attackers launch additional attacks on a company while an attack is in progress. For example, individual attackers use DDoS attacks during the negotiation of a ransom in order to put the victim under further pressure. If, for example, an online mail order company switches to a web presence that is less protected against DDoS attacks due to a ransomware attack, a DDoS attack on this presence would make it even more difficult to cope with the ransomware attack.

  1. Critical infrastructures particularly at risk

The BSI cites several examples in which critical infrastructures (KRITIS) have recently been hit hard by a cyber attack. In September of last year, for example, the attack on the Düsseldorf University Hospital took place, with serious consequences: the hospital had to cancel emergency care for 13 days. Another spectacular example was the attack on the pipeline operator “Colonial Pipeline” in May of this year, with immense effects on the fuel supply situation in the USA. A recent study by Techconsult underlines the high risk to KRITIS companies: according to the study, 35 percent of all KRITIS companies have been victims of an attack from the Internet in the past twelve months.

How can companies protect themselves from these attack trends?

The good news is that you can protect yourself against these new cybercrime attacks. Securing the Internet plays a central role here – because 70 percent of hacker attacks come from the World Wide Web. The best protection against attacks from the Internet is a virtual browser like the R&S®Browser in the box. If this is used, new virus variants also have no chance, because the solution does not rely on reactive detection and defense, but on proactive isolation. “In no case should companies rely solely on the caution of employees,” warns Schulz. “Emails with malicious attachments are becoming more and more professional. The mistake of a single employee who accidentally opens such an attachment can result in an entire company or agency having to be taken offline.”

In addition to securing the Internet, further protective measures should be taken – for example, encrypting end devices, using a highly secure VPN connection and securing the home WiFi. A web application firewall also prevents the website from becoming a gateway for ransomware and can stop DDoS attacks. “With such 360-degree protection, companies make an attack much more difficult,” emphasizes Schulz. “The perpetrators are deterred and instead look for an easier victim.”
