Home Security Warning: Global cyber crime reaches new highs and worse to come
Warning: Global cyber crime reaches new highs and worse to come Image courtesy of Stuart Miles at FreeDigitalPhotos.net Featured

There has been an unprecedented level of new cyber crime attacks worldwide in 2017 — both in number and intensity — and next year is expected to be even worse, according to global security firm MailGuard.

The security firm says there were hundreds of online-fraud and hacking incidents this year and its data shows that cyber crime is “more profitable than the global trade in marijuana, cocaine and heroin combined”.

To support its claim, MailGuard points to a new report by European Union cyber intelligence agency, Europol, which says that the steep upward trend in cyber crime points to 2018 being worse still, with cyber crime now the most economically damaging crime category worldwide.

“From the recent revelations about the Uber data-breach scandal to the Netflix scam, this was a busy year for the cyber security industry,” says MailGuard’s Emmanuel Marshall  in a newly posted blog.

“History may well remember the 20-teens as the decade of cyber crime.

"Cyber security experts and policymakers alike are predicting that 2018 will see a cyber-crime-wave. There’s been explosive growth in online fraud, hacking and data theft in recent years and the trend looks set to continue. The FBI has estimated that the cost of email fraud alone could be as much as US$9 billion in 2018.  

"Cyber criminals utilise sophisticated AI technology to monitor business and social networks and they exploit the data they collect to infiltrate organisations. All criminals need to break into your business is a cleverly worded email; if they can trick one person in your company into clicking on a malicious link they can gain access to your data."

Marshall warns that the steep upward trend in cybercrime points to 2018 being worse still, with cyber crime now the most economically damaging crime category worldwide.

And MailGuard lists the four biggest cyber crime stories that it says dominated the headlines in 2017:

WannaCry

When the WannaCry ransomware appeared in May it spread across the globe like wildfire, eventually infecting an estimated 200,000 computers in 150 countries.

WannaCry attacked a security loophole in older versions of Windows operating systems using an exploit known as EternalBlue. Once it infected computers it would then replicate itself across networks, spreading quickly and invisibly.

The shock and awe factor of WannaCry came from the serious impact it had on big industry and essential infrastructure. Hospitals in the UK running older computers were forced to shut their doors to patients when their systems went offline. FedEx distribution centres were locked out of their inventory systems. The Spanish telephone network was seriously disrupted. Car factories owned by Renault had to cease production.

Estimates of the financial harm caused by WannaCry are still a topic of debate, but it is generally agreed that the outbreak did damage in excess of US$4 billion.

NotPetya

On 27 June, just weeks after WannaCry, there was another EternalBlue-based ransomware attack.

NotPetya appeared simultaneously in France, Germany, Italy, Poland, the UK, the US, Russia and Ukraine.

Ukraine was especially badly impacted by NotPetya. Eighty companies and organisations were attacked by the virus, including the National Bank of Ukraine.

Like WannaCry, NotPetya displayed a ransom message on infected computers demanding money to unlock the system, but analysts working on the outbreak quickly realised that extortion was not the true objective of the virus. NotPetya activates a disk wiper that overwrites an infected computer's boot files.

Because NotPetya mainly targeted Ukranian companies and infrastructure, a theory emerged that the attack was initiated by a Russian government agency as part of ongoing hostility stemming from the 2014 conflict. This theory was strengthened by the timing of the outbreak. Many cyber security experts speculate that NotPetya was a politically-motivated attack because the outbreak started on the eve of Ukraine’s Constitution Day holiday.

KRACK

In October, Mathy Vanhoef and Frank Piessens, security researchers at the University of Leuven in Belgium, revealed critical vulnerabilities that exist in all standard Wi-Fi devices. The weakness in the Wi-Fi protocols makes it possible for hackers to read encrypted data on Wi-Fi devices and use them to break into networks.

The newly discovered hacking vulnerability was named KRACK; which stands for ‘Key Reinstallation AttaCKs.’

Upon discovering the KRACK problem, Vanhoef and Piessens immediately notified manufacturers of WiFi devices, who began implementing patches to close the gap in the security of their systems.

The scale of the KRACK problem is huge because Wi-Fi is such a ubiquitous technology in commercial and industrial environments. The issue is exacerbated by the fact that there are many companies still manufacturing devices with unpatched firmware, and countless unpatched devices already in use.

The threat posed by KRACK is twofold; it allows cyber criminals to access supposedly secure data networks and steal information, but it also makes it possible for them to inject viruses or malware that creates botnets.

Botnets

IoT is the 2017 buzzword of the year but the Internet of Things has also given us the latest and most disturbing cyber security threat of the year.

Along with the explosive growth of wireless technology and the rapid uptake of IoT technology it has become clear that IOT is turning into a security nightmare.

There are security weaknesses baked into the firmware on IOT and Bluetooth devices — from high-end surveillance cameras to wireless headphones — that permit exploits like KRACK. These security weaknesses can be used by hackers to remotely seize control of wireless devices, thereby giving them access to computers and phones on those networks as well.

Cyber criminals can assemble massive groups of compromised wireless devices into botnets and use them to launch denial-of-service attacks. A large scale DoS attack can be devastating. Cyber criminals use the computers in their botnets to send massive volumes of Web traffic to clog up their victim’s network and such attacks can effectively shut down the targeted organisation. In 2016 a DoS attack seriously disrupted Amazon, Twitter and Netflix services.

Cyber security experts know that criminal organisations are amassing huge Botnet resources, but are not sure yet what purpose they will be put to. A surge in DoS attacks is predicted for 2018, enabled by botnets built through IoT network hacking.

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

10 SIMPLE TIPS TO PROTECT YOUR ORGANISATION FROM RANSOMWARE

Ransomware attacks on businesses and institutions are now the most common type of malware breach, accounting for 39% of all IT security incidents, and they are still growing.

Criminal ransomware revenues are projected to reach $11.5B by 2019.

With a few simple policies and procedures, plus some cutting-edge endpoint countermeasures, you can effectively protect your business from the ransomware menace.

DOWNLOAD NOW!

Peter Dinham

Peter Dinham is a co-founder of iTWire and a 35-year veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).

 

Popular News

 

Telecommunications

 

Sponsored News

 

 

 

 

Connect