Here are the 7 most popular tactics of cybercriminals

The digital world has opened the door to unprecedented malicious attacks that threaten the security of applications, company data, operational infrastructure and reputation. As a result, many representatives of the management team responsible for security in the company are forced to give up their position due to serious data breaches. In addition, cuts in IT budgets and resource reductions mean that many organizations are even more vulnerable to attacks. That's why, with the advent of automated hacking tools and hackers, cybercrime has turned into a game of profit. Recent research carried out by F5 Labs shows that out of 429 reported violations analyzed in 2005-2017, hackers earned $ 2.75 billion in the black market.

Offensive play

New cloud-based applications create many complex challenges and new threats. It's an ideal situation for hackers. In fencing, there is a movement known to cheat an opponent by attacking a specific target and navigating a semi-circle to hit another area. Today, hackers are equally cunning - they use seven popular techniques that maximize the negative effects on the targeted companies, providing them with huge profits. The most often used by them moves are malicious bots, intercepting user passwords, DDoS, ransomware, Internet scams, phishing and malware.

What do these attacks have in common? They are often associated with malicious bots as a means of stealing or extortion. According to the latest Verizon report on investigations into data breaches, 77% of extortion in online applications was carried out using botnets.

Internet frauds most often use Man-in-the-Browser techniques that involve installing Trickbots via phishing, drive-by-download or SMB ports. The Java script is then entered directly into the websites of online stores or online banking viewed by the user. In this way, hackers gain access to credentials and can steal money from bank accounts.

Phishing scams are also evolving. Cyber ​​criminals usually use this method to get people to click on a link that can infect a system with malware or transfer them to a fake website designed to steal personal information. In the first quarter of 2017, phishing attacks and malware appeared every 4.2 seconds.

Capturing user passwords is another growing problem. Here, hackers turn to other cybercriminals to buy stolen user data. Then, they take multiple attacks using automated tools to fill in the login fields on various websites to access accounts held by corporate users or clients. If the user uses the same password to log in to different pages, the likelihood that the data has already been stolen increases.

Meanwhile, DDoS attacks are still popular and it is becoming increasingly difficult to defend against them. They can be used by both pranksters and act in the act of retaliation, protest, theft or extortion with a specific purpose. Attackers often use easily accessible tools to disrupt the service delivery and operation of the company. There are four main types of attacks: volumetric (based on flooding the target with packets), asymmetric (calling out time limits), computational (consuming processor and memory) and exploiting vulnerabilities (applications). The most harmful DDoS attacks combine a volumetric attack with application-oriented attacks.

Defensive play

Security experts recommend that a robust Web application firewall (WAF) be the first security against attacks aimed at intercepting passwords. This is the equivalent of "retorts" in fencing - a blow dealt directly after a successful self-defense The fully functional modern WAF system allows companies to deal with offensive attacks thanks to advanced detection and prevention of bots. This is necessary because most attacks are triggered using automated By analyzing behaviors such as IP address location, time of day and connection attempts per second, WAF can help the security team to identify login attempts outside the browser.

It is also important that the data in the browser or mobile applications are encrypted, protecting all information provided by users and preventing data capture. As an additional layer of security, you can enforce encryption of client form parameters. Automatic tools to use already accessed passwords will have to use encrypted form fields. When the bots send unencrypted credentials, trigger a warning system that notifies team. The current security attack.

Companies should introduce rules that will help users to change their passwords regularly to avoid using them repeatedly on different sites. You should also immediately report any incident, for example, if they think they clicked on a malicious link in a phishing information.

Intelligent play

In the face of cybercrime, data on threats are of fundamental importance. With a better picture and more control, you can effectively protect your infrastructure, applications and sensitive data. It is necessary to adapt the strategy to strengthen the protection of applications using the most modern tools and moving the resources to react quickly to dangerous serve hackers. Thanks to this, the company will be able to operate effectively and safely.

Add new comment

The content of this field is kept private and will not be shown publicly.

Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.