
Australia a target for ‘designer’ cyber threats

04 May 2016

New SophosLabs research has found that there is a growing trend among cybercriminals to target and even filter out specific countries when designing ransomware and other such malicious cyberattacks.

This extra care taken by cybercriminals to target their victims has meant their latest malicious offerings have been deemed ‘Designer’ cyber threats.

The study from SophosLabs found cybercriminals are in fact crafting customised spam to carry threats using regional vernacular, brands and payment methods for better cultural compatibility.

This includes ransomware cleverly disguised as authentic email notifications complete with counterfeit local logos, making it much more believable, clickable and hence more financially rewarding for the criminal.

“You have to look harder to spot fake emails from real ones,” says Chester Wisniewski, senior security advisor at Sophos. “Being aware of the tactics used in your region is becoming an important aspect of security.”

Impersonations include local postal companies, tax and law enforcement agencies and utility firms, with lures such as phony shipping notices, refunds, speeding tickets and electricity bills. In contrast to spam seen in the past, SophosLabs has observed a rise in spam that is often grammatically well written and perfectly punctuated.

“Even money laundering is localised to be more lucrative. Credit card processing can be risky for criminals, so they started using anonymous Internet payment methods to extort money from ransomware victims,” says Wisniewski.

Specific strains of ransomware also targeted specific locations. SophosLabs found that versions of CryptoWall predominantly hit victims in the U.S., U.K., Canada, Australia, Germany and France; TorrentLocker attacked primarily the U.K., Italy, Australia and Spain; and TeslaCrypt homed in on the U.K., U.S., Canada, Singapore and Thailand.

“Cybercriminals are programming attacks to avoid certain countries or keyboards with a particular language,” says Wisniewski. “This could be happening for many reasons. Maybe the crooks don’t want attacks anywhere near their launch point to better avoid detection. It could be national pride or perhaps there’s a conspiratorial undertone to create suspicion about a country by omitting it from an attack.”

With cybercriminals deliberately crafting threats that look authentic and are specifically targeted, it is more difficult to recognise malicious spam – a good reason to have some decent cyber security and a sharp eye for detail!
