As we enter 2020, the Cybeta™ analytics team anticipates four major trends for the year ahead: increased state-sponsored attacks, global attacks focusing on vulnerable technologies, social engineering attacks, and compromised credentials. This article discusses each of these trends.
1. State-Sponsored Attacks
Geopolitical tensions and the technical capabilities of hostile state-level entities will accelerate the threat to both US businesses and US critical infrastructure. Specifically, the attack vectors are likely to remain focused on cross-exploiting social engineering vulnerabilities from compromised credentials, combined with technical vulnerabilities that are discoverable and exploitable. Most importantly, state-sponsored entities are likely to aim for increasingly visible damage, both to placate internal political players and to escalate the deterrent effect of a successful attack on future US actions against these states or their technologies. Rather than longer-term intellectual property theft, the Cybeta team expects a marked and obvious increase in attacks, and possibly in successful breaches, against visible, noteworthy targets.
2. Global Attack Trends Focusing on Vulnerable Technologies
The attack planning cycle will continue in 2020, with threat actors contemplating attacks on organizations continuing to footprint and enumerate the hardware and software in their targets’ tech stacks. Attackers will continue observing the manufacturer, version, misconfiguration, and protocol information, while cross-referencing those data sets with known exploits and available patching information. This will continue to dictate the most likely targets. Using advanced machine learning with automatically mined deep and dark web data fused with hacker community information, Cybeta predictive analytics will continue to accurately analyze pre-attack conversations and trends. This will enable defenders to proactively prioritize and triage any vulnerable areas of their enterprise attack surface.
3. Social Engineering Attacks: Spear-Phishing, Ransomware, and Business E-mail Compromise
Social engineering attacks, including spear-phishing, ransomware, and business e-mail compromise – especially ones sponsored by hostile states – will continue to wreak havoc on organizations in 2020. According to various studies, 30% of phishing e-mails are opened and upwards of 90% of all data breaches actually begin with social engineering. And the quality of the deception will continue to improve – no longer will poorly crafted e-mails rife with grammatical errors and implausible scenarios serve as bait. Threat actors have increased in sophistication and are now delivering customized ruses that are tailored to the recipient, including awareness of the target’s preferred commercial brands and interests and of their professional and personal contacts. In a growing number of cases, the deception even includes impersonation of friends and family of the target by imitating nuanced language and writing styles.
4. Compromised Credentials
We will continue to see the commoditization of passwords and employee personally identifiable information (PII) by threat actor communities on the dark web. This originates from web application flaws and cyber attacks occurring at third-party vendors, social media sites, and entertainment services. Highly useful in threat actor targeting, these credentials and PII represent valuable tools coveted by adversaries. They enable attackers to gain unauthorized access to corporate systems and networks, and to create highly customized social engineering attacks against victims, including spear-phishing, ransomware, and business e-mail compromise.
Founded in 2019, Cybeta™ offers a suite of cybersecurity products and services designed to help you keep your business off the Cyber ‘X’. Based on decades of detecting and thwarting the activities of even the most advanced attackers, Cybeta™ delivers the substantive intelligence you need to make preemptive strategic and operational decisions. Think in terms of over-the-horizon visibility coupled with enhanced peripheral vision.