While hackers are becoming more adept at finding holes in enterprises, the almighty dollar remains the top motivation behind most cybercrime, a new study said.
The cybercrime “business model” has shifted from “high volume toward high yield” over the last few years, said Charles Renert, vice president of research and development for Websense Labs, which conducted the study.
Hackers have been widely deploying phishing emails and similar tactics for years, indiscriminately hoping to collect financial information from anyone trusting enough to open a suspicious attachment or click a random link. While these methods still work. Renert said other types of attacks shifted toward preselected, high-value targets.
Renert said the attack for cybercriminals starts with them employing social engineering strategies to lure specific targets into compromising their online security. Whereas virus-laden emails traditionally included awkward grammar and other telltale signs, modern iterations are products of research. Renert said attackers might monitor a would-be victim for months, accruing and mining data until they’ve devised a personalized lure so individually “irresistible” that even a high-level executive or government official might slip and make a mistake.
The Websense study reported cybercriminals prefer to attack through Web browsers. The company found a 600 percent increase in such techniques over the last year, with 85 percent of the activity coming from legitimate sites that suffered an attack with malicious code.
The whitepaper also found hackers tailored their strategies to snare mobile users. Stating people use smartphones to access social media 50 percent more often than to make phone calls, the report argued this abundance of on-the-go sharing has encouraged users to feel nonchalant about links accessed on mobile devices. Websense believes hackers are exploiting this casual attitude; the report notes 32 percent of social media schemes used shortened urls to make their malicious links less suspicious.
Websense found Facebook secure in and of itself but nonetheless “a rich target for cybercriminals who use lures containing links to malicious Web content.” Twitter, however, was such attackers’ favorite prowling ground.
The report noted jail-broken phones and email are among the other avenues hackers use to bypass security, but Renert said remains important to consider not only the attacker access points but also the techniques they uses once they’re in. To illustrate, he explained that most malicious software “calls home” to the attacker within minutes of being installed. “If you’re looking at it heuristically,” he said, “this is very suspicious behavior” that security programs might detect.
Renert said the growing ubiquity of exploit kits has contributed to the upsurges in both the number of hacking incidents and the sophistication of attacks. Such kits give less-skilled attackers access to more elaborate tools and techniques. Renert said they “are a big piece of the equation” and mean that hackers don’t need “to be all PhDs out there.”
Click here to register for the Websense report.