11 OCT 2017

The main IT threats of 2017 (Part II)

What are the main IT threats that a company or an individual can meet? We have already discussed some of these in the first part of our article. After examining important issues such as GDPR, the Internet of Things and new opportunities of attack for hackers in the world, we continue here the excursus dedicated to IT threats speaking about ramsonware, scams Business E-mail Compromise, cyber propaganda and viruses for mobile devices.

Ramsonwares

The number of new ransomware families is set to stabilize itself, while attack methods and targets are going to be more diversified and are going to involve IoT devices and non-desktop terminals such as PoS and ATMs. In general, a ransomware is a particular type of malware that, after infecting a computer, proceeds to encrypt all or a part of the data contained in the computer through a cryptographic key known only by the attacker. Once this operation is completed, a message is displayed and it asks the user to pay a certain sum (usually in Bitcoin which is not traceable) to obtain the key necessary to decrypt the files. Normally, to increase the psychological pressure on the victim, a rather narrow time frame is also established, once the time is expired, the key is eliminated and the data are definitively irrecoverable.

The only defense strategy possible against a ransomware, in addition to the adoption of behaviors to minimize the risk of infection, is the use of a data backup policy.

Compromise Business E-mail scams

Business E-mail Compromise (BEC) scams continue to grow in 2017, as they are simple, high-yielding forms of corporate extortion. In fact, with a simple scam of an employee, a BEC attack can also make 120 thousand €. A BEC scam is a particular type of fraud that is based on the sending, by the attacker, of e-mails that are identical to those normally received by the user who is the victim of the attack. The scam is based on the ability to push a user to act instinctively trusting the content of the e-mail that receives and the authority of the alleged sender, who is often a senior executive as could be the case of an employee who receives from the manager administration an email containing indications on the disposition of a payment towards a subject.

Unlike regular spam campaigns, BEC attacks are highly targeted and often the attacker has used all the tools at his disposal to make sure that the e-mail is indistinguishable or substantially indistinguishable from the authentic ones.

Cyber propaganda

Now 50% of the population is connected to the Internet, so cyber propaganda is going to continue to grow, with the risk of influencing public opinion with inaccurate information, just at the moment when new leaders or important issues are voted. With the term “cyber propaganda”, we mean the set of techniques and IT tools used to direct public opinion in a particular direction. The goal is the same of classical propaganda techniques; the main difference is the use of IT tools (social media, fake news sites, etc.) to transmit the message. These IT tools allow to reach a very large number of subjects more efficiently.

Viruses for mobile devices

In 2017 the trend related to viruses for mobile devices is substantially tracing what we have seen in previous years: in a nutshell, the virus risk, for updated devices and in the absence of users’ risky behaviors, is very small compared to what occurs for PCs.

The vast majority of malware infections on mobile devices are due to incorrect user behaviors (installation of cracked software and/or obtained from unofficial channels, use of tools to circumvent security measures of the device (rooting, jailbreaking), etc.).

Elaborated by Lucia D’Adamo, supervised by Marco Pirrone