“With new malware, criminals have for years been relying on volume, but what we are currently seeing is increasingly complex attack patterns that can only be fended off with intelligent behaviour analysis,” says Andreas Lüning, co-founder and CEO of G DATA CyberDefense. This is because, in so-called Living Off The Land attacks, attacks are carried out using standard apps that are pre-installed on every Windows system. Lüning warns, however, not only to see the technical dangers.
The future is already digital. IT security will become an essential factor for success. Companies must learn to understand this and not forget the users, who need to be aware of the dangers. IT security begins not at the endpoint, but with you as a person, whether you are a managing director or an employee.
According to security experts at G DATA CyberDefense, one trend in the coming year will therefore be increasingly complex attack patterns. In so-called Living Off The Land attacks, cyber criminals combine Windows standard tools such as Powershell and Bitlocker with a malicious script to execute an attack. They then spy on passwords or encrypt critical data to extort ransom money. To even be able to detect such attack patterns requires behaviour monitoring that can reliably identify even complex processes as being malicious.
The cyber crime business model is flourishing and still developing. In the future, criminal collectives will increasingly focus on division of labour and professionalisation. This means that, while one group specialises in penetrating corporate networks, another team concentrates on exfiltrating or encrypting data from the network. Some earn money by selling access data, others from ransom demands.
Small and medium-sized businesses are increasingly becoming the focus of cyber criminals. It is often easier for criminals to penetrate their networks because the IT security very often has gaps. They are often not even the primary target, but the weakest link in the supply chain, enabling infiltration of a large corporation. Here, all sectors are called upon to implement their own IT security standards. Another problem is that many companies rely on insecure methods of remote maintenance, particularly the Remote Desktop Protocol (RDP).
The healthcare sector especially has a great deal of catching up to do in outpatient healthcare. There is a lack of basic security standards in the area of practical IT. As this area is digitalised, significantly more money needs to be invested in cyber security in order to meet compliance requirements and avoid high fines.
People prevent cyber attacks
Spam email will become more and more valuable in the future for things such as dynamite phishing. Such emails are difficult to recognise as harmful. Therefore the slogan applies more than ever: Think first, then click. Anyone who - thoughtlessly or out of pure curiosity - clicks on a possible million euro win is endangering IT security. Security awareness is still the most underestimated measure for bringing the entire security-relevant defence landscape to a higher level. Companies need to invest in training activities for their employees.
More and more people are using smartphones and tablets as a digital cockpit for their everyday lives, for example to control their smart homes while they are out. And the PSD2 payment directive also ensures that mobile devices used for online banking increasingly have two-factor authentication. This makes them an attractive target for criminals. They mainly use adware to spy on users and collect data.
The G DATA experts are observing a worrying trend in the area of smartphones - the use of stalkerware. Stalkerware offers the possibility of penetrating a person's private life by means of commercially available malware and is used as a tool for abuse in cases of domestic violence and stalking. IT security service providers and victim protection organisations have been working together since 2019 to improve protection - and will launch further initiatives in 2020. Consequently, G DATA is involved in the fight against dangerous apps such as stalkerware. As a founding member of the “Coalition against Stalkerware”, the German IT security specialist is committed to informing users better of potential risks and is working with victim protection organisations to tackle non-technical problems associated with stalkerware.