5 Continuously Growing Cyberthreats You Should Watch Out For
The online world is not a safe place, but how dangerous is it exactly? Read the news on a website dedicated to cybersecurity, and you'll be left with the impression that more or less every link you click on and every email you open will almost inevitably cause a huge amount of damage. While we all know that this is not strictly the case, cyberattacks are a part of our everyday online lives, and people need to be wary of them. Some threats are more active than others, and security experts are working furiously to analyze all the trends and give us a heads-up about what we should be wary of the most.
We've put together a list of five cyberattacks that seem to have been quite active over the last few months. Keeping them in mind and actively protecting yourself against them might not guarantee a trouble-free online existence, but it should help you dodge a few bullets.
Credit card skimming on e-commerce websites
Those of you interested in the infosec landscape have almost certainly heard of Magecart. Initially, the word "Magecart" was used in reference to attacks aimed at the Magento online shopping software, but over the years, it has turned into a collective name for a malicious script injected into the source code of an e-commerce website, regardless of the underlying platform. The said script is designed to silently scrape online shoppers' credit card details and send them to a server controlled by the cybercriminals. Basically, it's an online ATM skimmer, and the crooks seem to be absolutely in love with it.
Coming up with statistics about any type of cyberattack is difficult because many of these incidents remain undetected or unreported. This is especially true for threats like Magecart, which are designed from the ground up to be stealthy and hard to spot. Nevertheless, to give you an idea of how prevalent Magecart has been over the last few months, experts from Malwarebytes pointed out recently that during the month of July alone, they detected and blocked more than 65 thousand skimming attacks on online shops.
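Because a skimmer has to arrive as a script on the checkout page, a shop owner can audit which scripts that page actually loads. The following is an added example, not code from the article or from any vendor it names: it flags scripts from hosts outside an allowlist, third-party scripts without a Subresource Integrity attribute, and inline scripts. The host names, the allowlist and the sample page are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed checkout page (all hosts are made-up .test names).
SAMPLE_HTML = """
<html><head>
<script src="/static/checkout.js"></script>
<script src="https://cdn.example-payments.test/sdk.js" integrity="sha384-CONSTRUCTED" crossorigin="anonymous"></script>
<script src="https://analytics.example.test/a.js"></script>
<script src="https://cdn-static.example-unknown.test/jquery.min.js"></script>
<script>var cart = {};</script>
</head></html>
"""
PAGE_HOST = "shop.example.test"  # assumed host serving the page
ALLOWED_HOSTS = {PAGE_HOST, "cdn.example-payments.test", "analytics.example.test"}


class ScriptAudit(HTMLParser):
    """Collects (kind, detail) findings for every <script> element."""

    def __init__(self, page_host, allowed_hosts):
        super().__init__()
        self.page_host = page_host
        self.allowed = allowed_hosts
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        attr = dict(attrs)
        src = attr.get("src")
        if not src:
            # Inline code cannot be pinned by SRI; it needs manual review
            # or a CSP hash so that unexpected changes stand out.
            self.findings.append(("inline-script", f"line {self.getpos()[0]}"))
            return
        # Relative URLs have no hostname and are served by the page itself.
        host = urlparse(src).hostname or self.page_host
        if host not in self.allowed:
            self.findings.append(("unknown-host", src))
        elif host != self.page_host and "integrity" not in attr:
            self.findings.append(("no-sri", src))


def audit_scripts(html, page_host=PAGE_HOST, allowed_hosts=ALLOWED_HOSTS):
    parser = ScriptAudit(page_host, allowed_hosts)
    parser.feed(html)
    return parser.findings


if __name__ == "__main__":
    for kind, detail in audit_scripts(SAMPLE_HTML):
        print(f"{kind:14} {detail}")
```

Running the audit on a schedule and comparing the findings against the previous run highlights newly added scripts, which is where an injected skimmer would show up.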
Cryptocurrency mining malware
Most of you remember the sudden and inexplicable price surge cryptocurrencies like Bitcoin experienced back in the second half of 2017 and the first few months of last year. Experts in economics were predicting that the bubble would burst almost immediately, but in reality, the digital coins continued to be traded at sky-high prices for a while. For criminals, the temptation was too big to miss.
They knew that, using custom and off-the-shelf tools, they could use unsuspecting users' computer resources to mine cryptocurrency for free. Moreover, they had not one, but two ways of pulling it off. They could either inject a script on a compromised website and use the visitors' hardware to create the digital coins, or deploy miners directly on the victim's machine using traditional malware infection vectors. The term cryptojacking was coined to describe the attack, and it became so prolific that it overtook ransomware as the cybercriminals' weapon of choice.
The cryptocurrency craze subsided a bit in late 2018, and during the first half of this year, the price plunged way below the highs reached about eighteen months ago. Nevertheless, cryptojacking continued to be one of the major online threats.
This was proven in July when researchers from Avast teamed up with the French police and brought down the Retadup botnet, which had been used to distribute cryptocurrency mining malware. Thanks to the efforts of researchers and law enforcement agents, the PCs of over 850 thousand people were cleaned up.
Supply chain attacks
You have probably heard that when it comes to software and hardware, you must always use legitimate vendors that are trusted by a large number of people. This is what security experts say time and again, and given how many shady developers push all sorts of poorly secured or downright dangerous products, it is just about the most basic precaution you can take in order to protect yourself better.
Security experts also know, however, that even the most trustworthy vendors can be compromised. They are fully aware that if the hackers manage to break the system of a big software developer, they can get direct access to the PCs of quite a few users. In fact, this seems to be happening rather a lot.
The so-called supply chain attack has been around for a while now, but in recent years, it's been used a lot more extensively. In the second half of 2018, for example, Kaspersky's researchers discovered that cybercriminals had managed to compromise the Live Update Utility of Taiwan-based PC manufacturer ASUS. Thanks to this, they were able to create a backdoored update to one of ASUS' tools and push it to millions of users. The malware was designed to be activated only on specific MAC addresses, which goes to show that the attack was targeted, but it was clear that the consequences could have been much more serious. When Kaspersky released details on their findings in March, they said that supply chain attacks like this one will continue to pose a considerable threat to users all over the world.
Credential stuffing
There are two very good reasons why credential stuffing will continue to be the easiest way of compromising a large number of online accounts. The first one is rooted in people's habit of reusing the same passwords across multiple accounts. Even security professionals, the people whose job it is to explain how dangerous this can be, do it. The other factor boosting credential stuffing's popularity comes from the fact that getting to the said reused passwords is easier than you might think. Every day, security experts find misconfigured databases and servers that contain mountains of sensitive data accessible with nothing more than a browser.
Armed with thousands of username and password combinations, the easiest thing for hackers is to use a simple script that can test them against other online services. Stats show clearly that a not inconsiderable portion of them work.
In recent months, we've seen credential stuffing attacks against the users of a number of different organizations and online service providers, including Transport for London's Oyster website, HSBC, and Dailymotion. As we mentioned already, pulling off these attacks requires very little in terms of effort, and the potential profits are serious, which means that this sort of activity is unlikely to die down any time soon.
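On the service side, credential stuffing leaves a recognizable pattern in login logs: one source tries many different accounts only once or twice each, and most attempts fail. The following is an added example, not code from the article or from any of the organizations it names; the log format, the thresholds and the sample lines are constructed, and the whole batch is assumed to cover one short time window.

```python
from collections import defaultdict

# Constructed auth log: "<timestamp> <source_ip> <username> <result>"
SAMPLE_LOG = """\
2019-09-01T10:00:01 203.0.113.7 alice FAIL
2019-09-01T10:00:02 203.0.113.7 bob FAIL
2019-09-01T10:00:03 203.0.113.7 carol OK
2019-09-01T10:00:04 203.0.113.7 dave FAIL
2019-09-01T10:00:05 203.0.113.7 erin FAIL
2019-09-01T10:00:06 203.0.113.7 frank FAIL
2019-09-01T10:03:10 198.51.100.20 grace FAIL
2019-09-01T10:03:15 198.51.100.20 grace FAIL
2019-09-01T10:03:30 198.51.100.20 grace OK
2019-09-01T10:05:00 192.0.2.44 heidi OK
"""


def detect_stuffing(log_text, min_users=5, max_tries_per_user=2,
                    min_fail_ratio=0.6):
    """Flag source IPs that try many accounts a few times each and mostly fail."""
    tries = defaultdict(lambda: defaultdict(int))  # ip -> user -> attempts
    fails = defaultdict(int)                       # ip -> failed attempts
    hits = defaultdict(set)                        # ip -> users that logged in
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        _, ip, user, result = parts
        tries[ip][user] += 1
        if result == "OK":
            hits[ip].add(user)
        else:
            fails[ip] += 1

    flagged = {}
    for ip, per_user in tries.items():
        total = sum(per_user.values())
        if (len(per_user) >= min_users
                and max(per_user.values()) <= max_tries_per_user
                and fails[ip] / total >= min_fail_ratio):
            flagged[ip] = {
                "users_tried": len(per_user),
                "failures": fails[ip],
                # A success from a flagged source means a reused password worked.
                "reset_passwords_for": sorted(hits[ip]),
            }
    return flagged


if __name__ == "__main__":
    for ip, info in detect_stuffing(SAMPLE_LOG).items():
        print(ip, info)
```

The user who mistypes a password twice before getting in is not flagged, because the rule keys on the number of distinct accounts per source rather than on failures alone.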
Spam
Some of you may be lucky enough not to know what having an online account compromised feels like. You may have also managed to avoid getting malware on your computer. We're pretty sure that you have all seen and dealt with spam, though.
Many people see spam as little more than an annoyance designed to sell shady pharmaceutical products and lure people onto shadier dating websites. They think that the damage spam emails cause is limited to the few minutes of lost time dedicated to deleting them. It's a bit more complicated than that.
Despite the huge number of people who are convinced that they know better, spam is still at the center of some of the world's most high-profile attacks. Research shows that spam accounts for very nearly half of all emails sent and received every day, and in recent months, spammers have found other clever ways of reaching their victims.
The scams facilitated by spam are no longer limited to simple, well-known Nigerian Prince-type operations. In fact, these scenarios are gradually being phased out in favor of sophisticated, multi-stage schemes and phishing attacks that can successfully fool even the more experienced users.
How to stay safe?
Obviously, this is far from an exhaustive list of threats. Other cyberattacks involving ransomware and banking trojans are also extremely popular with cybercriminals, and they can cause just as much (if not more) harm.
Unfortunately, the wide diversity of attacks you need to watch out for means that there is no single, one-size-fits-all solution for keeping yourself (and your data) safe. You can, however, follow some common-sense tactics that should improve your security. Use a reliable security product, double-check every email you open and every link you click, and make sure that your password management is up to scratch.