Mitigating common cyber threats

By Jeff Hurmuses, Area Vice President and Managing Director, APAC, Malwarebytes

Cybersecurity is a growing cause of concern in Asia Pacific. Having witnessed large-scale cyberattacks targeting banks, governments, and companies in the Philippines, Taiwan,
Vietnam and India, the Asia Pacific region is rapidly becoming a hotbed for cybercrime, thanks to its fragile geopolitical situation, prominent role in the global market, and rising
Internet penetration rate.

The most recent Malwarebytes Asia Pacific State of Malware Report also discovered a significant shift in cybercriminal attack and malware methodology from previous years,
with ransomware, ad fraud, and botnets having risen to prominence in the current threat landscape.

While hackers are increasingly moving towards utilising sophisticated tools to carry out cybercrimes, there are still some who are fairly predictable and lazy in their approach.
And analysing their schemes can go a long way in protecting Asia Pacific companies and individuals from financial losses related to cybercrime.

Here are some common cyberattacks and ways to mitigate associated risks.

1. The Browser Locker
The browser locker, better known as the fake blue screen of death, throws gibberish errors at the user and prompts them to call an Indian boiler room, where the victim is
fleeced of an average of US$500. Some feature tweaks by major browsers have pushed tech support scammers to come up with creative iterations, including registry hacks, to
replace the Windows shell with a locker.

A few browser lockers show some ingenuity, such as manipulating the browser’s history function, but most are basic, featuring a novice-level script that prevents users
from closing the browser. Users attempting to close the browser will receive a recurring alert with a message prompting them to call a scam number.

The good news is that there are several ways to mitigate browser lockers, which have caused hundreds of millions in losses. Given that most browser lockers are delivered through malvertising, users can consider leveraging ad blockers, which block ads and filter content. Turning off JavaScript in the browser, refraining from downloading software from third-party app stores, and simply force-quitting a locked browser are other ways to mitigate this scheme.

2. DDoS Extortion
With Distributed Denial-of-Service (DDoS) bots for sale, sometimes even on the clearnet, DDoS itself does not figure among the most sophisticated attacks today.

DDoS extortion is one notch lazier: An attacker simply sends an email to a member of a company’s security staff and threatens to carry out a cyberattack on the company if it fails to pay a
bitcoin ransom immediately. As the ransom is relatively low, companies in industries requiring continuous uptime oftentimes simply shrug their shoulders and pay. However, the best course of action in response to DDoS extortion is talking to one’s service provider to work out mitigations instead of negotiating with the attacker.

3. SQL Injection
SQL Injection appeared in the Open Web Application Security Project (OWASP) Top 10 Most Critical Web Application Security Risks in 2007, 2010, and 2013, even topping
the list in 2013. While SQL Injection takes a modicum of technical skill to pull off, from finding vulnerable sites to executing the attack and safely exfiltrating dumped files or data, the
scam is also very predictable, having not really changed much since it was first publicly discussed in 1998.

It is quite easy to avoid SQL Injection vulnerabilities, which arise from dynamic database queries that incorporate user input. Software developers simply need to refrain from writing
dynamic queries or find ways to stop malicious user-supplied SQL input from affecting the logic of the executed query.
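The two approaches in the paragraph above, shown side by side as an added example (not code from the article or from Malwarebytes), using a constructed in-memory SQLite table: the dynamic query splices user input into the SQL text, so a single quote in the input changes the query’s logic, while the parameterised query keeps the SQL text fixed and binds the input as a value.

```python
import sqlite3


def make_db():
    # Constructed sample database for the demonstration; not from the article.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com")],
    )
    return conn


def lookup_dynamic(conn, username):
    # Dynamic query: the input is pasted into the SQL string, so the
    # database cannot tell data from query structure. This is the pattern
    # the article says developers should refrain from writing.
    sql = f"SELECT username FROM users WHERE username = '{username}'"
    return sorted(row[0] for row in conn.execute(sql))


def lookup_parameterised(conn, username):
    # Parameterised query: the SQL text never changes; the driver sends the
    # input as a bound value, so quotes in it are just characters in a string.
    sql = "SELECT username FROM users WHERE username = ?"
    return sorted(row[0] for row in conn.execute(sql, (username,)))


if __name__ == "__main__":
    db = make_db()
    benign = "alice"
    quoted = "' OR '1'='1"  # constructed input containing a quote character
    print(lookup_dynamic(db, benign))          # ['alice']
    print(lookup_dynamic(db, quoted))          # ['alice', 'bob']: logic altered
    print(lookup_parameterised(db, quoted))    # []: treated as a literal username
    print(lookup_parameterised(db, benign))    # ['alice']
```

The same input yields every row from the dynamic query and no rows from the parameterised one, which is exactly the difference the article asks developers to enforce.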

4. Business Email Compromise
Attackers sometimes pose as bosses, demanding that employees immediately wire large amounts of money to overseas accounts. After all, attackers know that most employees
will not question their bosses’ orders, especially if these bosses are controlling, overbearing, and demanding. Known as business email compromise, the scam has cost
victims millions. In 2016, in Singapore alone, local police estimate that close to US$14 million was lost through such scams.

There is a reasonably simple mitigation against the business email compromise scam: Bosses and employees should be able to communicate openly with each other.

Environments where individual contributors are comfortable asking questions to clarify matters with their boss, especially when the latter gives unusual orders, stand a much
better chance of defending against this attack.

5. Macro Malware

Macros are commonly used in Microsoft Office documents, such as Microsoft Word and Microsoft Excel, to automate repetitive tasks and save time. Years ago, Microsoft Office had macros enabled by default, and this made Microsoft Office documents a great malware delivery vector: Hackers could easily program macros to run all sorts of arbitrary code on victims’ PCs once malicious attachments are opened.

The best defence against macro malware is disabling macros, regardless of how convincing the attacker’s spiel is. On a broader scale, professionals can also promote a collaborative document-editing environment that eliminates the need to pass files around the office to defend against a wide variety of malicious attachments.

Sometimes, vigilance is key to safeguarding companies and individuals from cybercrime losses. Given that the bulk of cyberattacks are easily avoidable, organizations should take
the time to understand the predictable schemes employed by hackers and study how they can effectively mitigate cyberthreats.

About Jeff Hurmuses
Jeff Hurmuses is the Area Vice President and Managing Director, Asia Pacific, at Malwarebytes. A highly experienced executive with three decades of experience under
his belt, Jeff has a proven track record of building and leading fast-growing enterprise technology companies in the Asia Pacific region.

In his current role, Jeff leads Malwarebytes’ endeavors throughout Asia, with an initial focus on driving business in Australia, Hong Kong, India, Indonesia, Malaysia, the
Philippines, Singapore and Thailand.

About Malwarebytes
Malwarebytes is the next-gen cybersecurity company that millions worldwide trust. Malwarebytes proactively protects people and businesses against dangerous threats such as malware, ransomware, and exploits that escape detection by traditional antivirus solutions. The company’s flagship product combines advanced heuristic threat detection with signature-less technologies to detect and stop a cyberattack before damage occurs. More than 10,000 businesses worldwide use, trust, and recommend Malwarebytes. Founded in 2008, the company is headquartered in California, with offices in Europe and Asia, and a global team of threat researchers and security experts.