sb-au logo
Story image

Financial cybercrime happened 'almost continuously' in 2019

04 Mar 2020

Financially motivated cybercrime happened on an almost continuous basis in 2019, according to a CrowdStrike report released today.

The study also found an increase in ransomware incidents, as well as a rise in demands from eCrime actors.

The CrowdStrike global threat report confirmed cases of data exfiltration have been rising, which can allow cyber attackers to leak and weaponise sensitive data gleaned from victims.

“2019 brought an onslaught of new techniques from nation-state actors and an increasingly complex eCrime underground filled with brazen tactics and massive increases in targeted ransomware demands,” says CrowdStrike vice president of intelligence Adam Meyers.

“As such, modern security teams must employ technologies to investigate incidents faster with swift pre-emptive countermeasures, such as threat intelligence, and follow the 1-10-60 rule,” said at CrowdStrike.

The 1-10-60 rule suggests security teams to detect intrusions in under one minute; investigate in 10 minutes; contain and eliminate the adversary in 60 minutes. 

Organisations that meet this benchmark are much more likely to eradicate the adversary before an attack spreads from its initial entry point, says CrowdStrike.

Some other key features of the report:

Malware-free attacks enjoy a boom

The trend toward malware-free tactics accelerated, with malware-free attacks surpassing the volume of malware attacks.

In 2019, 51% of attacks used malware-free techniques, compared to 40% using malware-free techniques in 2018, underscoring the need to advance beyond traditional antivirus (AV) solutions.

Ransomware does not discriminate by industry

The industries at the top of the target list for enterprise ransomware (Big Game Hunting) observed were local governments and municipalities, academic institutions, the technology sector, healthcare, manufacturing, financial services and media companies.

North Korea eyes cryptocurrency

In addition to supporting currency generation, North Korea’s targeting of cryptocurrency exchanges could support espionage-oriented efforts designed to collect information on users or cryptocurrency operations and systems. 

In addition, CrowdStrike Intelligence suspects that the DPRK has also been developing its own cryptocurrency to further circumvent sanctions.

“This year’s report indicates a massive increase in eCrime behaviour that can easily disrupt business operations, with criminals employing tactics to leave organisations inoperable for large periods of time,” says CrowdStrike vice president of OverWatch Jennifer Ayers.

“It’s imperative that modern organisations employ a sophisticated security strategy that includes better detection and response and 24/7/365 managed threat hunting to pinpoint incidents and mitigate risks,” says Ayers.

“CrowdStrike’s comprehensive technology, coupled with our visibility into actor motivations and proactive hunting, protects our customers with the critical components needed to stop modern attacks.”

Story image
Phishing scam imitates SharePoint & OneNote for nefarious clicks
Sophos researchers say that the attackers take a slightly different approach to the standard ‘fake login’ phishing email.More
Story image
Malware and email scams targeting employees spread rapidly in Q2
"Businesses must stay alert and should employ defense-in-depth tactics and equip themselves with multilayered security mechanisms, including high-sensor spam filters and a VPN connection, which would prevent malicious pages from opening."More
Story image
Proofpoint launches new SMB focused security awareness training
Proofpoint has launched security awareness training for small to medium businesses (SMBs) with the aim of reducing successful phishing attacks and malware infections to almost zero. More
Link image
Phishing campaigns aren't stopping - but neither are their opponents
COVID-19 is presenting the perfect opportunity to cyber attackers to mount potentially devastating spear-phishing campaigns against organisations via their remote workers. Learn how to fight back.More
Story image
Kaspersky releases new report on consumer’s approach to digital services
COVID-19 related restrictions and the necessity to stay indoors has influenced the way people approach digital services, making them more aware of how securely both they, and their housemates, use the internet.More
Story image
Commvault launches Metallic in A/NZ region for first global expansion
The Australia and New Zealand region continues to be a priority market for Commvault, as cloud adoption across the region leads global averages, the company states.More