Hackers are getting smarter and are hitting businesses with new types of cyber security attacks. Can your organization keep up?
Here are five big trends found in IBM’s analysis of breaches and attacks from the first half of this year:
1. Watering hole attacks
As criminals move toward targeted breaches focused on specific organizations, one of the techniques quickly growing in popularity is the so-called watering hole attack.
For this type of attack, criminals track the web browsing habits of a chosen group of people and then try to compromise a site that is frequently visited by that group. That allows the hackers to spread malware or steal information from a number of employees within the same organization.
So far, several tech companies and government agencies have been compromised using watering hole attacks.
While website owners work to keep their sites from being compromised, businesses can help protect themselves by making sure all web browsers are patched and up to date.
2. Compromised social networking profiles
Social media security threats are about as old as the sites themselves, but in 2013 hackers have started using a new method for spreading malware through those networks: compromising the accounts of notable people or organizations with large numbers of followers.
According to IBM, there is even a growing black market in which hackers trade credentials for those types of accounts.
That’s why it’s important to train users to always be careful about clicking on links posted to social networks — even when they’re seemingly posted by someone they recognize.
3. Web app plugins
Hackers are willing to dig deep to find software vulnerabilities they can exploit. That means even if a primary application is secured, it may have plug-ins and extensions that are vulnerable.
One area where vulnerabilities are likely to be found: plug-ins for content management systems (CMS), which are often used to manage websites. While CMS vendors have been diligent about patching bugs, the same isn’t true for developers of third-party plug-ins, according to IBM.
While 78% of the CMS vulnerabilities found in the first half of 2013 have been patched, only 56% of the flaws in plug-ins have been fixed.
4. Targeted mobile viruses
Over the past few years, two of the biggest cyber attack trends have been an increase in sophisticated attacks targeting specific organizations and a growth in mobile security threats.
In 2013, IBM says, those trends combined and resulted in a series of mobile attacks targeting specific Android users.
As previous reports have shown, there has been a huge increase in Android malware in the past couple of years. And those attacks are only becoming more sophisticated.
In March, security researchers discovered an Android virus called Chuli. The malware was spread to a select group of individuals whose contact information was found after a Tibetan activist’s phone was hacked. Once the others’ devices were infected, criminals could intercept the victims’ text messages and steal their contacts, call history and location information.
According to IBM, the virus was only written to affect that selected group of individuals, so the risk of a Chuli infection for most organizations is low. However, the incident does show how complex and targeted Android malware attacks are becoming.
5. DDoS distractions
In another type of targeted attack, criminals are increasingly launching distributed denial-of-service attacks against select organizations to bring their systems down. Often, those attacks are meant to provide a distraction so that the hackers can steal sensitive data while IT teams are busy getting the business back up and running.
According to IBM, that type of attack has been used against several banks and other organizations since 2012.
That is forcing IT departments to make a difficult decision: dedicating some staff time to monitoring for more serious attacks rather than putting all of the effort into the clean-up.
What IT can do
As hackers’ attacks become more sophisticated, there isn’t much organizations can do to fully block them. A lot of commonly used security tools are only effective against malware that has been previously reported and other known types of attacks, making it difficult for businesses to stay ahead of the hackers.
However, there are ways IT can significantly lower the amount of risk the company faces. IBM recommends companies:
- Train users to recognize common types of attack and new ones that are bound to appear in the future.
- Keep all software updated and apply all patches as they’re released.
- Uninstall unnecessary software, especially unused web browser plug-ins, and disable any browser functions — such as Java — that users don’t need.