According to SophosLabs, cyber attacks are becoming increasingly targeted and cybercriminals are stalking victims in order to make millions. The company states this in its Threat Report 2019, which examined the threat landscape of the past twelve months. The report also shows how trends are expected to affect 2019.

According to Joe Levy, CTO of Sophos, less developed cybercriminals are increasingly dropping out. The good criminals, however, are getting better and better. “Eventually there will be a small but strong group left. These new cybercriminals are a cross between the targeted attacker of yesteryear and users of off-the-shelf malware who use manual hacking techniques. Not for espionage or sabotage but to earn a more than good income from it.”

These targeted attacks are reflected in ransomware, according to the report. Cybercriminals made millions of dollars from handmade, targeted ransomware attacks. In addition, human attackers find the victims and, for example, remove backups. As a result, victims have to pay a high ransom fee. According to Sophos, the success of these targeted attacks inspires others, which is expected to increase the number of attacks next year.

Implementation changes

In addition, the execution of the attackers will change next year. Attackers have developed their techniques that allow them to use readily available IT tools to move through a system. For example, cybercriminals today use essential or built-in Windows IT admin tools to launch malware attacks. In addition, they link together various script types that carry out an attack, triggering a chain reaction before an IT manager detects a threat.

The EternalBlue vulnerability also remains popular among cybercriminals, even though there have been patches for it for over a year. Criminals link EternalBlue to cryptomining software, allowing multiple machines to be infected quickly. The hacker is paid more and the normal user gets high costs.

Finally, malware for mobile devices and IoT remains popular. Criminals are constantly discovering new ways to bypass Google detection and get malicious apps into the Play Market.

This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.