Oliver Paterson, Director Product Management at VIPRE Security Group
Not only are cyber criminals unyielding in their effort to trick and steal, but they are also consistently getting better at it. Latest research shows that threat actors are adapting their attack methods in tune with changing consumer habits.
The latest threat vectors
With the popularity of cloud storage spaces such as Google Drive, these are increasingly being used to deliver malware, accounting for 67 percent of malspam delivery. Similarly, the use of PDFs as a malspam delivery tool has more than quadrupled since the first quarter of this year. Criminals are finding success with PDFs as a mode of attack because hackers make people think there’s payment-related information inside. Once opened, the PDFs contain links to malicious pages or release their own malware.
Cleverly, threat actors are using callback phishing, which is proving to be a successful low-tech bar to entry. An urgent email from an individual posing as a service provider to an unwitting employee in a procurement department at a financial sector organisation, prompting an urgent ‘call back’ or a ‘sign in’ link to verify information is often sufficient to lose sensitive data.
User-friendly Redline malware is also on the rise. Redline can exercise complete control over a compromised machine, exfiltrating sensitive data like banking credentials, passwords, and even cryptocurrency-related information. Criminals are also using LinkedIn Slink, a useful feature provided by LinkedIn to enable organisations to better track their ad campaigns on the platform.
Not to be left behind, criminals are using ChatGPT to their advantage too. Whilst previously caught out due to poorly written emails, hackers are now using this tool to produce top-notch communications, making it difficult for employees to distinguish from legitimate correspondence.
Resourcing security to align defenses with new threats
Organisations in the finance sector are unquestionably lucrative targets for hackers for obvious reasons. Therefore, reasonable level of resources, including skills and budgets, are needed to ensure protection. Whilst all sizes of organisations comprise the finance sector, the majority of companies fall within the ‘small and medium enterprise’ category. Herein lies the challenge – with typically limited resources, how can growing enterprises optimise security budgets?
Some areas to consider. Given the scale of phishing attacks, malspam and business email compromise scams, strong email and endpoint security is vital. There are many such solutions on the market that are affordable. While conducting due diligence for product selection, it’s imperative to ensure the efficacy of these solutions, the rating of the vendors and the future roadmap so that the technology deployed is suitable now and for the long term.
The right level of expertise and skills are essential. Due to the ever-increasing sophistication of cyber-attacks, merely deploying the solutions isn’t enough. Proactive monitoring, detection and remediation of attacks are essential. With the continuous and evolutionary nature of cybersecurity attacks, limited resources can quite easily lead to missed incident responses and sometimes also ‘alert fatigue’. It potentially takes just one incident to cause a major breach. From human resource, security and budgetary standpoints, outsourcing this activity to third party services providers can be advantageous. Managed services providers have dedicated staff to monitor threats 24 x 7, as well as undertake advanced attack prevention, detection and response measures.
From employees’ perspective, appreciation of current threat trends, security knowledge and ability to spot suspicious activity is extremely valuable. Allocating budget towards providing regular security awareness training to employees will truly be money well spent. There simply isn’t a substitute for this knowledge. Ensuring busy employees intuitively know what to look out for is critical. With bad actors using every trick in the book alongside using a variety of technology, email and social engineering attack methods, it is easy for time-poor employees to innocently fall victim to criminals. Equipping employees with information so that they know what to do and how to react can do a long way in minimising the impact on the business.
It’s worth a mention that the above approaches can have a bearing on organisations’ cost of cyber insurance too. Today, insurers look favourably upon organisations who outsource parts of their security and go the extra mile to create security awareness in their company.
The threat landscape is evolutionary, but even today, email remains the first – and sometimes the last – line of defense against all manner of threats in an online and digital world. Securing its use to safeguard data and ensure business continuity must be a priority, not only for finance sector organisations, but for every company and individual.