2017 has seen its fair share of serious and widespread cyber-attacks. Cybercriminals have continued to innovate and have found new ways to target organizations of all shapes, sizes, and industries. In many cases, they have successfully obtained monetized and highly sensitive information, putting these businesses at risk. Despite increased law enforcement efforts pertaining to cybersecurity, underground communities of sophisticated cybercriminals are as active as ever.
Here are some noteworthy trends observed in the cybercriminal underground in 2017:
Substantially increased monetary losses due to Business Email Compromise (BEC) schemes
A business email compromise is when an attacker gains access to a corporate email account, taking over the owner’s identity to defraud the company or its employees.
BEC does not compromise the target organization, and can affect small and large organizations alike. In recent years, BEC has appeared to be an area of rapid growth, leading to $5.3 billion in losses globally.
In late April, Google and Facebook were both victims of a BEC scam that left the attackers with $100 million (Flashpoint).
Growing rates of tax fraud leveraging stolen W-2 documents
W-2 phishing attacks continue unabated. So far this year, about 125 organizations have leaked W-2 data after being conned by a phishing email. These emails appear to be from the CEO or another company official, tricking employees into disclosing this confidential information to the wrong hands.
One of the largest incidents was at American Senior Communities, where W-2 forms belonging to 17,000 employees were compromised. The leak was discovered several weeks after it occurred, when employees complained that they were unable to file their taxes.
The emergence of the “WannaCry” ransomware worm
The WannaCry ransomware attack that occurred in May infected tens of thousands of systems in over 150 countries by leveraging the recently leaked NSA exploit EternalBlue. The ransomware cryptoworm targeted computers that were running the Microsoft Windows operating system by encrypting data and demanding ransom payments.
To ensure that your networks and systems are not vulnerable to cyber-attacks, it is important to make sure that your data is secure. As cybercriminal activity evolves, new threats to your cyber security are constantly emerging. We have a proactive attitude towards protecting our clients so that you can be confident your security is ahead of the curve.