Cybersecurity Attacks 101: Phishing, Cryptojacking and Ransomware

Malware is getting smarter. Cybercriminals now use artificial intelligence and machine learning tools to get better at tricking users into running malicious code and giving away sensitive data. Three client-side attacks have been among the most popular over the past two years and will remain threats. In this post, you’ll learn about phishing, cryptojacking and ransomware.

Types of Phishing Attacks

Phishing has morphed into several subtypes. More people are asking me about phishing than any other type of attack. It’s a genuine problem. You may have experienced some of these personally:

Deceptive phishing

Criminals pretend to be a legitimate organization, such as the IRS or an operating system provider, alerting the user to a problem in their ecosystem. They send the user to redirected or fraudulent website links that seek to gain personal data, such as usernames and passwords.

Spear phishing

This attack has a personal touch. The sender often drops in personal details to make it seem like the sender knows the recipient. Attackers are using machine learning to write more persuasive messages.

CEO fraud

The boss needs something, please do it right away! These attacks impersonate company email accounts and send messages appearing to be from an executive. Some schemes include getting the recipient to send a wire transfer or employee W-2 data.

83% of information security professionals say they experienced phishing attacks in 2018, up from 76% in 2017. Source: PC Magazine/Proofpoint

Vishing

Hello? Vishing uses voice calls or voice messages to get the recipient to reveal personal information, such as a credit card number or banking information.

Smishing

A text message lures the recipient to click through to a malicious URL or call the fraudster back.

Pharming

Known as DNS cache poisoning attacks, an attacker will point legitimate website links to a fake site where they can harvest private data.

49% of information security professionals experienced vishing or smishing in 2018, up from 45% in 2017. Source: PC Magazine/Proofpoint

Cryptojacking

Cryptojacking is the mining of cryptocurrency on your computer without your knowledge. This type of attack matured in the past few years to target large institutions and Internet of Things (IoT) devices, as well as individuals. Although attackers’ most popular mining tool shutdown recently, three other malicious cryptominers are still available, so this threat will continue.

Mining software takes computing resources, so the attack slows performance. Its presence can increase utility costs and destroy small devices due to overheating.

While its goal is not to extract sensitive data, think about this: if hackers can put cryptojacking software on a website or computer, they can put other malware there, too — and sell access to other cyber criminals.

Big organizations targeted by cryptojacking include enterprises and educational institutions. In some cases, cryptominers have hit the enterprises’ presence on public cloud computing platforms after gaining access through an administrator panel that was left open. In other cases, cryptojackers infected a website plugin and a website deployment tool.

“Cryptojacking was the runaway security problem in 2018, damaging devices in cybercriminals’ pursuit of profits.” Source: Tech Republic

Ransomware

Like phishing, ransomware is unleashed by a user who clicks on a link in a malicious email. Once triggered, the ransomware can spread throughout an enterprise network. Ransomware locks up data files and demands payment to let it go.

Businesses hit by ransomware are faced with extended downtime, public embarrassment and those without a secure disaster recovery plan may cease business operations completely.

Attackers have extorted millions of dollars from victims, causing damage that far exceeds the value of the ransoms. Healthcare has been among the hardest hit industries and remains at risk of $25 billion in losses from a global ransomware attack. Recent ransomware attacks have targeted city government and industrial firms,

“Between July 2017 and September 2017, there was a 700 percent increase in ransomware.” Source: Malwarebytes

A smart edge defense

Cybersecurity is complex and time consuming for humans. Expect more and new attack vectors every year. Push protection out to your edge ecosystem to create efficiencies. Use AI tools to further strengthen your edge security and make security operations more efficient.

As an IT security services provider, TierPoint assists our clients with the development, implementation and management of comprehensive IT security strategies. Learn more about our Security and Compliance Services.