
Executive Summary:

Cyberattacks are very common nowadays as technology is advancing every single day. Cybersecurity is improving, but cyberattacks are also becoming more malicious. Security companies around the world have been trying to find solutions to prevent these attacks.

This is my report on the causes of the threats, how users have suffered from them, and how we can prevent or reduce them.

1st threat: Scammers will continue to run profitable ransomware scams

Description:

Cause of threat:

Attackers are intelligent: they target small and medium companies in order to find a way into larger companies. Larger companies hold a lot of valuable information that attackers want, and those companies have strong security. But they do not monitor their partner companies enough, so their partners are attacked instead.

Internet of Things: there is an abundance of electronic gadgets, household appliances and so on. Many of these devices lack security, so attackers look for them, connect to them and steal your information. (reference: https://www.shredit.com/en-us/blog/securing-your-information/january-2015/10-reasons-why-cyber-threats-will-increase-even-mo)

Why is it a threat:

Ransomware spreads easily when a user clicks a malicious link sent by email or by compromised email. In other cases, malware is spread through online advertisements and drive-by downloads, which need no action from the user to infect the victim's files. Some attackers plan their attacks; for example, several hospitals were infected at around the same time in 2016. Such hospitals then suffer huge financial losses in order to unlock their systems quickly. Therefore, it is a threat. (reference: https://www.cisecurity.org/ransomware-facts-threats-and-countermeasures/)

Nature of threat:

What are the potential threats faced by online user:

Some attackers use basic methods to lock victims' systems, and some intelligent victims were able to unlock them. However, there is more difficult and advanced malware. One technique is called cryptoviral extortion: the attackers encrypt victims' documents so that the victims cannot access their own files, then ask for payment and promise to decrypt the files once the payment is in. (reference: https://en.wikipedia.org/wiki/Ransomware#Encrypting_ransomware)

This threat was first launched in 1989. Its biggest attack was the WannaCry ransomware attack, a worldwide cyberattack that occurred in May 2017 and lasted for 4 days. It targeted computers running the Microsoft Windows operating system, locked them and asked for payment. The affected users were those using the Microsoft Windows operating system around the world. It first infected Asia. The attack infected over 230,000 users in over 150 countries, which shows how severe it was. (reference: https://en.wikipedia.org/wiki/WannaCry_ransomware_attack)

Threat mitigation

How can the threat be avoided, minimized or controlled:

You will need to back up your data regularly, but not to external drives like a USB thumb drive, as CryptoLocker will also lock files on drives that are mapped. What you need is an external drive or backup service that is not connected when you are not backing up data;

Filter out emails with ‘.EXE’ files, or reject emails with files that have two file extensions;

Disconnect from Wi-Fi immediately. If you act fast enough, you might be able to stop communication with the server before the ransomware finishes encrypting your files. Do this when you suspect that a running file could be ransomware.

(reference: https://www.welivesecurity.com/2013/12/12/11-things-you-can-do-to-protect-against-ransomware-including-cryptolocker/)
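
The attachment rule above, as an added example that is not part of the original report: Python that scans a raw email for ‘.EXE’ attachments and for double file extensions. The decoy-extension list, the function names and the sample message are assumptions constructed for illustration.

```python
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

BLOCKED = {".exe"}  # the extension the report names
# Assumption: harmless-looking extensions used as the first half of a double extension
DECOYS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}

def attachment_verdict(filename):
    """Return a rejection reason for one attachment name, or None to accept it."""
    # Drop any path, then trailing dots/spaces: Windows strips them from file names
    name = filename.replace("\\", "/").rsplit("/", 1)[-1].strip().rstrip(". ").lower()
    parts = name.split(".")
    if len(parts) < 2:
        return None
    last = "." + parts[-1]
    if last in BLOCKED:
        return "blocked extension " + last
    # "report.doc.js" is rejected; "backup.tar.gz" is not, since .tar is not a decoy
    if len(parts) >= 3 and "." + parts[-2] in DECOYS:
        return "double extension ." + parts[-2] + last
    return None

def scan_message(raw_bytes):
    """Parse a raw message and list (filename, reason) for every rejected attachment."""
    msg = BytesParser(policy=policy.default).parsebytes(raw_bytes)
    findings = []
    for part in msg.walk():
        fname = part.get_filename()
        reason = attachment_verdict(fname) if fname else None
        if reason:
            findings.append((fname, reason))
    return findings

def build_sample():
    """Constructed sample message; names and addresses are made up for the example."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Invoice"
    msg.set_content("Please see the attached files.")
    for name in ("invoice.pdf.exe", "Setup.EXE", "photo.jpg.scr", "notes.txt", "backup.tar.gz"):
        msg.add_attachment(b"constructed bytes", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for fname, reason in scan_message(build_sample()):
        print("REJECT:", fname, "-", reason)
```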

Conclusion for 1st threat:

We cannot be complacent with these threats around us, especially now that the Internet of Things has become part of our daily lives. Cybercriminals will try to use ransomware to lock our files; whether you are a student or a working adult, you have to beware of this. You have to take action before it is too late, such as backing up your files.

2nd threat: The need for encryption escalates

Description:

Cause of threat:

Attackers take advantage of encryption to hide their malware from intrusion prevention systems and anti-malware products. Most companies do not pay attention to encrypted pathways like Transport Layer Security (TLS), through which malware can pass perimeter security defences. (reference: https://www.darkreading.com/attacks-breaches/when-encryption-becomes-the-enemys-best-friend/d/d-id/1324580?)

Why is it a threat:

Although TLS internet encryption is beneficial in many ways, skilled attackers can use advanced techniques to evade intrusion prevention systems. In August 2015, 900 million Yahoo users were infected. The attackers used malvertising, in which they place malware-laden advertisements on online websites. (reference: http://www.dell.com/learn/us/en/uscorp1/press-releases/2016-02-22-annual-threat-report-details-the-cybercrime-trends)

Nature of threat:

What are the potential threats faced by online user:

The malware that attackers send can pass information about your web browsing to the attackers, steal passwords and data, and even infect other devices on the same network. It invades the users’ privacy. (reference: https://ist.mit.edu/security/malware)

Threat mitigation

How can the threat be avoided, minimized or controlled:

When updates are available for operating systems, browsers and plugins, go ahead and install them. They help to cover the vulnerabilities of your computer, which makes it more difficult for malware to get through;

If you are still using Windows XP, which does not receive new updates to cover its vulnerabilities, delete the legacy applications that you have not been using, because you are now open to exploit attacks;

Some fake companies use pop-ups claiming to help you with a malware infection. A real security company will not inform you through pop-ups, and will not charge you to fix it. Do not take the bait of these fake companies.

(reference: https://blog.malwarebytes.com/101/2016/08/10-easy-ways-to-prevent-malware-infection/)

Conclusion for 2nd threat:

Although encryption provides security benefits during transmission, cybercriminals will take advantage of it to get through security defences. Therefore, we are not yet fully protected from these attackers. Take the precautions needed to at least prevent or reduce the damage to your data.