In the age of drive-by downloads, data breaches, rampant identity theft and millions of other digital threats, good online security is critical. Unfortunately, with attacks coming at you from every direction, it can sometimes feel like it’s impossible to keep up.
However, with awareness and good online security practices, it is possible to reduce the number of threats to a manageable level. From individuals to companies, common sense and basic computer security knowledge can go a long way.
To help us all out, Microsoft just released the 24th edition of the annual “Microsoft Security Intelligence Report” and as usual, it provides insights and recommendations against the latest cybersecurity threats and malware trends of the past year.
Bonus: In this emerging age of the hyperconnected “internet of things” gadgets, how can we protect our privacy and data? Tap or click below to listen to this free podcast about security and the internet of things on your drive to work.
Surprise! Ransomware is declining
The king of malware these past few years was of course, ransomware. Traditionally designed as a for-profit malware scheme, ransomware encrypts important files on computers and demands a ransom to give you access to them again.
But it looks like ransomware reached its peak in 2017. Microsoft reports that in 2018, contrary to predictions that it would only increase in years to come, it was finally on the decline as it fell out of favor as the cybercriminals’ profiteering malware of choice.
How come? Ransomware’s decline is partly due to the increased awareness of the public and better detection systems against it. Simply put, most organizations are now well prepared against ransomware attacks by having file backups, restoring them whenever necessary.
In turn, ransomware encryption is no longer the crippling disaster as it was. And the fewer victims who are willing to pay, the less profit it is for the attackers. And since cybercriminals always go where the money is, they are apparently returning to stealthier forms of profit-focused malware.
Which brings us to the next threat that’s making a big surge forward.
Cryptojacking is the new threat
Poised to overtake ransomware as the cybercriminal’s malware-for-profit of choice are browser-based cryptojackers.
In basic terms, cryptomining is a way to profit by contributing to the validation of cryptocurrencies. Since cryptocurrencies do not have central governing bodies like regular currencies have with banks, they require the public’s help to secure it. To compensate the “miners,” they have the incentive of being rewarded extra cryptocurrencies.
While cryptomining is a completely legal way to earn cryptocurrencies, cryptojacking is another story. It’s a scheme by cybercriminals to profit by using your gadget for cryptomining without your knowledge. Click here for a detailed look at cryptomining.
Cryptojacking software is meant to run secretly in the background without being detected but they can severely degrade your gadget’s performance by consuming more energy.
And the most enticing thing about cryptojackers is that aside from being programmed as traditional malware that can be installed stealthily on a victim’s computer, they can also be run on web browsers without any need for installation.
No wonder it’s starting to become the go-to cyberattack for scammers around the world.
Supply chain attacks are on the rise
Another cyberthreat that’s on the rise is the supply chain attack. This is when the legitimate software that companies use is attacked and its code is compromised.
It’s done by slipping in malicious components into an application or a software update then, in turn, have it distributed automatically to the end users. Since these legitimate applications are trusted by companies and government institutions, attackers can evade software security programs and execute their stealthy schemes.
According to U.S. National Counterintelligence and Security Center, hackers can compromise software code via these methods:
- Booby-trapped software – Developers of such software deliberately write malicious code within the program.
- Reverse engineering – This is when state-sponsored hackers compromise software from U.S. companies by finding vulnerabilities when their code is examined.
- Investments – This a more discreet form of compromise since it involves legitimate large-scale investments by foreign-entities on U.S. based tech startups.
Examples of software supply-chain attacks
Here are a few prominent supply-chain attacks that targeted high-profile companies:
- Last year, popular computer utility CCleaner was modified by hackers to infect 2.2 million users with a back door and spying malware.
- Hackers corrupted and installed back doors on software made by a South Korean company Netsarang.
- A malware campaign called Kingslayer targeted the admin accounts of U.S. firms so hackers can steal credentials and replace legitimate software with hacked versions.
Phishing attacks are still rampant
Another key takeaway from Microsoft’s report is that phishing is still the preferred attack delivery method for cybercriminals.
At this point, everyone knows what phishing is, right? Phishing scams are almost always emails that appear to be from a legitimate business that needs your urgent attention on some matter.
From there, scammers will try to get you to click on their spoofed, fake and malicious links and steal your credentials. If you’re not careful, that is all these criminals need to gain access to a treasure trove of personal information like credit card numbers, personal data and other confidential files.
It’s interesting to note that while the number of phishing attacks on the whole is rising, hackers are increasingly relying more on social engineering than software exploits and malware.
Phishing scammers are now employing new targeting techniques to evade detection. By crafting unique URLs for targeted emails, they can avoid detection from email security software and filtering tools. Instead of sending the emails in bulk from a single URL, it looks like scammers are splitting them up with multiple addresses to bypass phishing message filters.
Microsoft’s suggestions for the best security practices
Finally, Microsoft offers guidance on how to strengthen your organization against these emerging cybersecurity threats. The report noted that “meaningful risk reduction requires a security approach that includes prevention and detection and response.” Here are Microsoft’s recommendations:
Computer security hygiene is critical
- Avoid pirated and unfamiliar software from untrusted sources
- Reduce credential theft risk. Fortify your administrator credentials, too
- Follow secure configuration recommendations
- Keep all your machines and software up to date with the latest patches
- Use strong security software, advanced email and web browser protections
- Be careful when granting administrator permissions to end users
- Be cautious when granting permissions to applications
- Limit and restrict the downloading of programs from unofficial sources
- Limit what applications regular users can run
Always keep backups
- Keep backups of your most critical data. Have three backups whenever possible – two different storage types and one offsite backup
- Use a cloud storage service for automatic offsite backup of your data online
Awareness is key
- Companies should teach employees to be cautious about suspicious communications that require sensitive information and report them to their cybersecurity teams immediately
- As always, be careful about clicking on web links and practice safe web browsing habits
- If a computer is running suspiciously slow, check for tasks and files that are running in the background and submit them to Microsoft for malware analysis. You can submit the files here.