Convenience is the first casualty in the war against cyber crime

Businesses should consider adding manual verification steps into their payment processes to prevent being vulnerable to business email compromise (BEC) type cyber attacks.

Trend Micro Sdn Bhd held a briefing recently to share its security predictions for 2017. BEC attacks featured prominently in their list as it is very lucrative for cyber criminals. According to Law Chee Wan, manager of technical sales at Trend Micro, the pay off for BEC type attacks amounts to US$140,000 while ransomware attacks only net around US$17,000-30,000.

“The way it works is that the cyber criminals hack into the CEO or the CFO’s email address and study it to understand how the company do wire transfers. They then exploit this money processing practice to direct funds into their own accounts by sending fraudulent emails to customers or employees who process payments,” said Law. There is nothing special about the attack, except perhaps the reconnaissance required to gain insights into the best way to craft a believable email.

Companies in industries such as property management, manufacturing and in the supply chain are more susceptible to these kind of attacks, added Law

“The banking industry is one of the few that seem immune from these type of attacks as they still require a paper trail to process payments,” said Law.

Who would have realised that there would one day be a case for red tape!

It is also important for all staff to be vigilant about opening emails and clicking on links from unknown sources as the initial breach originates from such activity.

Other highlights from the 2017 security predictions include seeing a plateau in the growth of new ransomware families – growth is only predicted at 25 percent. Internet of Things (IoT) and Industrial Internet of Things (IIot) devices will increasingly become targets for hackers to carry out distributed denial of service attacks (DDoS). An example of such an attack is the Mirai botnet that took down Twitter, Amazon and Netflix in 2016.

In addition to an increase in BEC attacks, Trend Micro also sees an increase in Business Process Compromise (BPC) attacks where cyber criminals hack into an organisaton’s systems and add, delete or modify entries or intercept and modify transactions. The organisation will process the modified entry or unauthorised transaction and the cyber criminals will receive the goods or money. An example of such an attack was when criminals hacked into the Antwerp Port’s database and changed entries so that drug runners were able to smuggle illegal substances successfully.

New vulnerabilities will continue to be discovered in Apple and Adobe products, which will then be added to exploit kits. Law said that although Apple’s vulnerabilities were low, they were on the increase, while Windows vulnerabilities were on the decrease. Adobe software vulnerabilities remain high.

A rise in cyber propaganda is also predicted. With 46 percent of the world’s population now connected to the internet, an increase in cyber-propaganda will continue as new world leaders are appointed, potentially influencing public opinion with inaccurate information.

Trend Micro also foresees a rise in administrative costs to implement General Data Protection Regulation – which will force changes in business processes and policies – across the organisation.

“BEC attacks and ransomware have dominated the threat landscape so far in 2016, causing immense losses to businesses across industries and we continue to see cybercriminals adapting to the changing technology landscape,” said Goh Chee Hoh, Trend Micro Malaysia Managing Director. “While new ransomware saw an exceptional increase in 2016, that growth is no longer sustainable, so attackers will find new ways to use existing malware families. We foresee new attack methods threatening corporations, expanding ransomware tactics impacting more devices and cyber-propaganda swaying public opinion,” said Goh in a statement.

As to what organisations can do to prevent or reduce the severity of such attacks, Law said that there is no silver bullet that can protect ransomware attacks 100 percent of the time, it is best to block the threat at its source, via Web or email gateway solutions and also to secure the endpoints and the internal network.