New data shows a resurgence in successful ransomware attacks with organizations in specific industries, countries and revenue bands being the target. While every organization should always operate under the premise that they may be a ransomware target on any given day, it’s always good to see industry trends to paint a picture of where cybercriminals are currently focusing their efforts.
The InterPlanetary File System (IPFS), a distributed file-sharing system that represents an alternative to the more familiar location-based hypermedia server protocols (like HTTPS), is seeing more use in file-storage, web-hosting, and cloud services. As might be expected, more use is accompanied by more abuse via phishing attacks.
Unfortunately ransomware attacks have taken another victim. The City of Dallas recently confirmed that their police department suffered a ransomware attack. This attack shutdown essential services along with some 911 dispatch systems. This was announced in a statement by the city in a press release. "Wednesday morning, the City’s security monitoring tools notified our Security Operations Center (SOC) that a likely ransomware attack had been launched within our environment.
The U.S. government created a new office to block disinformation. The new Foreign Malign Influence Center (FMIC) oversees efforts that span U.S. military, law enforcement, intelligence, and diplomatic agencies. The FMIC was established on September 23 of last year after Congress approved funding, and is situated within the Office of the Director of National Intelligence. The FMIC has the unique authority to marshal support from all elements of the U.S.
The evidence is clear – there is nothing most people and organizations can do to vastly lower cybersecurity risk than to mitigate social engineering attacks. Social engineering is involved in 70%-90% of all successful attacks. No other root cause of initial breach comes close (unpatched software is involved in 20% to 40% of attacks and everything else is in the single digits). Every person and organization should create their best possible defense-in-depth plan to fight social engineering.
The Cyberwire reported: "Barracuda released a study this morning indicating that HTML attacks have doubled since last year. The researchers note that not only is the total number of attacks increasing, but the number of unique attacks seems to be increasing as well.
The most common route for malware infections remains social engineering in its various forms: phishing, vishing, etc. Such approaches take advantage of users’ deliberately cultivated willingness to trust communications they receive and to follow the instructions and links such malicious communications carry.
Walmart’s rise to become the brand most likely to be impersonated in Q1 of this year is a real problem. If you’ve been paying attention to brand impersonation in phishing attacks, you know the premise is to use a brand that a large number of potential victims do business with as a means of both establishing credibility. For many quarters, we continually saw Microsoft and/or Microsoft 365 as the brand of choice due to its wide use.
March saw a huge jump in ransomware compared to January and February, signifying that organizations should expect to see a lot more of these attacks this year. With security solutions getting good at spotting and stopping malware on endpoints and servers, you’d think that ransomware attacks would be dwindling. But, according to the NCC Group’s Cyber Threat Report for March 2023, it feels a lot more like 2023 is going to be a repeat of 2022, but at significantly higher attack levels.
The malwareless and seemingly benign nature of business email compromise emails, mixed with impersonation techniques, are difficult to spot as being malicious, making them even more dangerous. I’ve covered both the threat of business email compromise and response-based email attacks before. How can I not? They are prominent techniques used by phishing scammers everywhere. But it’s the reported combination of the two by Phish Labs that has me concerned.
