The New Approach by Sophisticated Cybercriminals

Discover the new enterprise approach used by cybercriminals and what you can do to defend your company against these attacks.

The New Approach by Sophisticated Cybercriminals

Battling the dark side of cybercriminals has been a challenge for over a decade.  Their attacks have included everything from offering you a huge sum of money to clandestine drug companies offering miracle drugs.  But, today cybercriminals are taking a whole new approach. It’s known as an “enterprise approach.”  Just when you think we’ve got it all under control, sophisticated cybercriminals change the game.  The enterprise approach is focused on a smaller number of targets with the end goal of getting more of a payload.  According to the FBI, popular web services and employees are the targets of spearfishing by cybercriminals.  This new approach is proving to roll in the cash for cybercriminals.  It’s social engineering that has three main phases.

Phase 1:  Infiltration of the Organization

Previously, cybercriminals targeted individuals like company executives and not employee attacks.  While most execs are trained in cybersecurity and detect bold requests and strange addresses as phishing, many other company individuals don’t know how to sniff out suspicious emails.  Generally, lower level employees lack security awareness and wouldn’t suspect something like Microsoft sending a message to reactivate an account.  However, that is a red flag.  The average employee wouldn’t hover over the link and spot a different website address. And that’s exactly the main reason why lower level individuals make easy targets for cybercriminals.  Lower and mid-level employees just don’t receive the type of security training as high-level employees.  If the employees take the bait, it’s likely their password and username will be stolen.

Phase 2:  Reconnaissance

During the reconnaissance phase, cybercriminals will then monitor the stolen account and read the email traffic to learn more about the company.  They may even change the rules on the specific account in order to not have to login again.  Learning the traffic allows the cybercriminal to identify key decision makers and even reach confidential human resource data.  Cybercriminals can also spy on the activities of the company’s vendors, clients, and partners.  All of this information is then used to launch the third phase of the cyber attack.

Phase 3:  Using the Extracted Data

Cybercriminals can use the extracted data to launch a specific phishing attack. Employees can be fooled into wiring money.  Fake bank account info can be used for payments and additional sensitive data and credentials can be stolen.  The email appears to be coming from a legitimate account, but it’s not.  The reconnaissance phase gives cybercriminals the ability to fake a sender’s text style and signature.

How to Battle the New Enterprise Approach by Attackers

There are three factors that companies need to focus on in order to ward off this new approach:  targeted user training and awareness, authentication and artificial intelligence (AI).  All employees need to be regularly trained to increase their security awareness skills against cybercriminals.  Training should not be limited just to the company’s executives.  One of the best training activities for employees is to stage a simulated cyber attack.  Multi-factor authentication is also critical.  With multi-factor authentication training, cybercriminals cannot get access to accounts.  Different methods include retina scans, key fobs, SMS codes, biometric thumbprints and mobile calls.

AI is another critical factor in warding off attacks.  As a matter of fact, “Artificial Intelligence now offers some of the strongest hope of shutting down spear phishing.  By learning and analyzing an organization’s unique communications patterns, an AI engine can sniff out inconsistencies and quarantine attacks in real-time.  For example, AI would have been able to automatically classify the email in the first stage of the attack as spear phishing, and could even detect anomalous activity in the compromised account and prevent the second and third phases of the attack.”

Companies need to take immediate action in order to defend themselves against the new enterprise phishing methods by cybercriminals.  Password phishing attacks are common.  Up to 70 percent of email is spam and within that, there are phishing attacks. Everything looks good, but typically there is a rogue link requesting propriety information.

Just as cybercriminals have revamped their approach, companies need to re-think their approach in defending themselves against attackers.  Companies must now strengthen their defenses to avoid becoming the next headline story in the news.  In order to ramp up forces, it’s important that companies take advantage of automated technology.  It can’t all be left up to employees.  It’s almost like asking them to find planets that are hidden.  There must be a combined effort of humans and automated machines.  This combined approach would reduce the risk of malicious codes not being detected and enable company security teams to keep company data safe.

Hackers and attackers cloak themselves in crafty camouflage.  As cybercriminals become more sophisticated, it’s getting increasingly tougher to find them hidden in the system, especially when they’re designed to be invisible.  The new enterprise approach by cybercriminals is a blend of smart automation and hidden deception.  It goes deep inside the company network.  Without a doubt, it’s time for companies to turn to new and innovative methods to detect and isolate sophisticated threats.