Forewarned, Forearmed
Joey Lim, Singapore Country Manager at Exclusive Networks discusses preparedness against new norms of cyberattacks
If you have received a phone call urging you to call the bank regarding recent withdrawals from your dormant account, or instructing you to pack a change of clothes following your close contact to a coronavirus carrier, you can relate to the panic that many others have endured. The incidents may have left you wondering how these cybercriminals obtained your contact details.
The recent cyberattacks on Microsoft and business software developer SolarWinds are stark reminders that cybercriminals are always on the prowl for new targets and access points, reminds Joey Lim, Singapore Country Manager at Exclusive Networks. One of the most common forms of cyber-attack techniques that hackers use is phishing, Lim says; however, with more advanced technologies and new mediums available, phishing is no longer confined to emails, she qualifies. Exclusive Networks is a digital infrastructure specialist. The company distributes managed security services and provides of a range of other services from Infrastructure as a Service (IaaS) to cloud-certified professional training.
With personal information so publicly available on the internet, the seemingly innocent social media posts on birthday celebrations and updates on job statuses can become the perfect place for hackers to identify targets, acquire information to profile them and create highly targeted attacks.
According to a report by cybersecurity company, Tessian, nearly three quarters of people post information on social media that could make them vulnerable to a cyberattack. For example, hackers can build a convincing impersonation of a senior executive from their LinkedIn posts and then target new employees with phishing scams. Hackers could even use machine learning and other automated technologies to track and engage targets on social media.
To what factors can we attribute the apparent high incidence of cyber attack these days? Is the growth of IoT among the factors? Why is this so?
Cybercrime is an ever-evolving landscape but a combination of factors arising from accelerated digital adoption and the sudden shift to remote working due to the COVID-19 pandemic over the past year helped it grow in scale and complexity.
According to Cyber Security Agency of Singapore’s latest report on the country’s cyber landscape, cybercrime cases jumped by more than 50 per cent as threat actors exploit the fear and uncertainty surrounding the pandemic to carry out malicious activities.
Exacerbating the problem for IT professionals is the overnight shift to digitalisation. Home office set ups usually have weaker security controls, which are made worse by remote workers who often use their personal devices for work or connect their unsecured smart domestic appliances such as fridges and airconditioning units to the corporate network.
Despite the increasing popularity of Internet of Things (IoT) devices, many of them are not designed with adequate security or are not installed with proper security procedures. According to Palo Alto Networks’ report, 98 per cent of all IoT device traffic are unencrypted, which exposes personal and confidential data to hackers and puts businesses at risk.
These minor compromises on a large and distributed network can quickly become a major issue as they provide hackers with a gateway to other areas of the corporate network downstream, allowing them to quickly infiltrate entire systems at scale.
What are the latest social engineering techniques that hackers employ in their attacks? Are they easy to detect?
Social engineering techniques are growing in quantity and sophistication as cybercriminals take advantage of the changing situation to abuse various COVID-19 related themes as well as consumers’ increased online dependency.
Instead of the spray-and-bulk phishing attacks, where fraudulent messages are sent en masse, hackers have turned to highly targeted spear-phishing attacks, which rely on stolen identities of victims to create authentic-looking emails that trick recipients. These techniques rely on information obtained online to profile victims and build convincing impersonations for scams.
Hackers are also taking advantage of new technologies such as QR codes, which have recently become a popular way for businesses to engage consumers, to conduct brand phishing attacks. Threat actors use fake QR codes that have been designed to imitate the real thing, and when victims click on it, are led to fraudulent websites or download malware.
Advanced technologies such as artificial intelligence and machine learning are also at risk of being manipulated for malicious purposes. They can be used for web scraping and hacking as well as for engaging targets using speech synthesis or deepfakes to impersonate influential figures, tricking unwitting victims into giving up confidential information.
What makes social engineering dangerous is that they rely on human error, which are much less predictable than vulnerabilities in software and operating systems, making them harder to detect and thwart than a malware-based intrusion.
With most social engineering attacks, hackers are aiming to get low-level insider access. Once they manage to break into the system, they would have a much easier time gaining elevated access to resources and data within the wider corporate network.
What solutions are available to the public and how do they work?
The first line of defence against cyber attacks is to observe and implement basic cyber hygiene. For example, users should avoid opening every e-mail and attachments that are sent to them, change their passwords regularly and use strong ones, enable two-factor authentication and back up their files regularly.
Users could also learn how to identify a legitimate source from a fake one. They can take a moment to think about where the message is coming from by checking the source’s credibility and not trust it blindly.
Additionally, users should ensure that they have adequate antivirus and malware software installed on their devices and make sure that security patches for these are updated regularly for the latest protection.
For companies, they can take it one step further by employing end-to-end protection for their remote and distributed workforce. Integrated solutions such as the Spectra Alliance, a first-of-itskind partnership between security companies CrowdStrike, Netskope, Okta and Proofpoint, secure enterprises’ web, cloud and on-premises activities at scale, enabling organizations to adopt a Zero Trust security posture as they transition to the cloud.
Companies could also leverage artificial intelligence and machine learning by using Security Orchestration, Automation, and Response (SOAR) tools to predict, detect and contain threats, helping them stay one step ahead of modern-day attacks.
What advice can you share with those who want to stay safe while maintaining an active social media presence?
Vigilance is key when using social media. Users often underestimate the amount of information they share online and inadvertently reveal more than they realize on their whereabouts or what they are doing. Hackers can use any sort of information available, from seemingly harmless ones like birthday celebrations to photos of home office workspaces or even LinkedIn updates, to profile their victims.
It is important that users watch out and check what they are posting on social media. Objects included in photos such as documents strewn on the desk or information on the computer screen could accidentally reveal personally identifiable information such as names, home and email addresses, telephone numbers, date of birth, etc. Users should avoid publicizing their movements or locations so that hackers will not be able to track their whereabouts. They should also be wary of the fun quizzes, giveaways and contests on social media that may trick people into giving away sensitive data.