+
EDITOR’S QUESTION
/////////////////
RAJ SAMANI,
CHIEF SCIENTIST AND MCAFEE
FELLOW, ADVANCED THREAT
RESEARCH AND THE MCAFEE
THREAT LABS TEAM
I
n McAfee’s 2019 Threat Predictions Report, we predicted
cybercriminals would partner more closely to boost threats; over
the course of the year, we observed exactly that. Ransomware
groups used pre-infected machines from other malware campaigns
or used remote desktop protocol (RDP) as an initial launch point for
their campaign.
These types of attacks required collaboration
between groups. This partnership drove
efficient, targeted attacks which increased
profitability and caused more economic
damage. In fact, Europol’s Internet Organised
Crime Threat Assessment (IOCTA) named
ransomware the top threat that companies,
consumers and the public sector faced in 2019.
Based on what McAfee Advanced Threat
Research (ATR) is seeing in the underground,
we expect criminals to exploit their extortion
victims even more moving forward. The rise of
targeted ransomware has created a growing
demand for compromised corporate networks.
This demand is met by criminals who specialise
in penetrating corporate networks and sell
complete network access in one-go.
For 2020, we predict the targeted
penetration of corporate networks will
continue to grow and ultimately give way
to two-stage extortion attacks. In the first
stage cybercriminals will deliver a crippling
ransomware attack, extorting victims to get
their files back. In the second stage, criminals
will target the recovering ransomware victims
www.intelligentcio.com
again with an extortion attack but this time they will threaten to
disclose the sensitive data stolen before the ransomware attack.
During our research on Sodinobiki, we observed two-stage attacks,
with cryptocurrency miners installed before an actual ransomware
attack took place. For 2020, we predict that cybercriminals will
increasingly exfiltrate sensitive corporate
information prior to a targeted ransomware
attack to sell the stolen data online or to
extort the victim and increase monetisation.
“
FOR 2020, WE
PREDICT THE
TARGETED
PENETRATION
OF CORPORATE
NETWORKS
WILL CONTINUE
TO GROW AND
ULTIMATELY
GIVE WAY TO
TWO-STAGE
EXTORTION
ATTACKS.
With 2019’s headlines of ransomware,
malware and RDP attacks behind us, we shift
our focus to the cybercrime threats ahead.
Cybercriminals are increasing the complexity
and volume of their attacks and campaigns,
always looking for ways to stay one step
ahead of cybersecurity practices – and more
often using the world’s evolving technology
against us.
Continuing advancements in Artificial
Intelligence (AI) and Machine Learning (ML)
have led to invaluable technological gains,
but threat actors are also learning to leverage
AI and ML in increasingly sinister ways. AI
technology has extended the capabilities of
producing convincing deepfake video to a
less-skilled class of threat actor attempting
to manipulate individual and public opinion.
AI-driven facial recognition, a growing
security asset, is also being used to produce
deepfake media capable of fooling humans
and machines. n
INTELLIGENTCIO
33