It’s hard work running a business. It almost makes you ache for a simpler time when all you had to worry about was shoplifters stealing your goods. Now you’ve got confidential data, trade secrets, and, of course, plenty of money at stake.
We’ve taken a look at the top five threats keeping cybersecurity experts awake at night. But new research from RiskIQ brings even more bad news that you probably don’t want to hear. Check out these five fierce facts about cybercrime below.
5. The Global Attack Surface Is Big – Really Big
To give you an idea of the capability of RiskIQ, the company analyzes over two billion HTTP requests every day. They deploy web crawling infrastructure that checks terabytes of passive DNS data, millions of SSL certificates, and monitor mobile apps to see how large the scope of an attack surface really is. In other words, how much of an opportunity is there for hackers to break in?
Over a two-week period, they analyzed over three million new domains and 77 million hosts that could all be potential targets for a hacker. Since many modern websites share the same frameworks, plugins, and third-party apps, the hacker’s job is even easier. Just as we can create websites faster and easier, so can hackers come up with malicious code to infiltrate them all.
And one of the largest vectors is content management systems (CMS) like WordPress. In fact, RiskIQ found that over 13,000 WordPress plugins were among Alexa’s most-visited sites. And some 3,390 of them showed critical vulnerabilities running at least one weak web component.
4. Hackers Probably Know More About Your Attack Surface Than You Do
How confident are you in your IT department? How certain are you that you track and monitor 100 percent of your internet assets? Because RiskIQ research found that at least 30 percent of companies have more internet assets than they thought.
This could be due to shadow IT, M&As, or a simple lack of organization. Shadow IT occurs when an IT department outsources for a time and fails to include all internet assets in the company security program. If this happens over a period of time, it becomes an easy vector for a hacker, since these assets remain unpatched and don’t pass security frameworks.
Mergers with other companies often lead to this, as the list of assets is frequently incomplete and sometimes chaotic. Internet assets include elements such as domain names, certificates, hosts, and apps.
3. Sometimes Things Are Out of Your Control
Despite your best efforts to protect your customers’ data, sometimes things are outside of your control. Just think about the MyEtherWallet phishing attack. Social engineering is on the rise, and hackers are getting more and more innovative. Their main tactic? Impersonating your company.
This could either be through a website, email, or social media page. These are all common ways of tricking customers and employees into giving away key information and installing malware.
In Q1 of 2018 alone, RiskIQ identified more than 25,000 phishing domains posing as almost 300 brands. 40 percent of them were in the financial services industry. The best way to combat phishing? Educate your customers, educate your employees, and be ready to take impostor sites down as soon as possible.
2. The Mobile Attack Surface Is Scary
We tend to think of the Google Play Store and Apple’s App Store as the only mobile app stores available. In actual fact, there are plenty more. A host of affiliate stores serve the Android market, and they can present a wealth of opportunities for bad actors to replace legitimate apps with fake ones.
RiskIQ found an incredible 21,948 blacklisted mobile apps, equating roughly to 1.5 percent of all new apps. Almost all of these apps claimed READ_SMS permission, allowing them to intercept messages that could circumvent 2FA.
Users should always download apps from the primary app stores and be extremely careful when researching the apps they download. If it doesn’t look legit and it’s asking for too much information, it’s probably best to avoid.
1. Cryptocurrency Miners Are Out of Control
We’ve already heard about cryptojacking and botnet miners steadily feeding off our CPUs. But these latest stats are enough to make your eyes bleed. More than 50,000 websites have been running Coinhive over the last twelve months (whether knowingly or otherwise).
There is now an average of 495 new hosts that run cryptocurrency miners every week. And even worse than that? Many of the crypto mining scripts found have been active for over 160 days already, meaning companies have failed to detect them.
Cybercrime is no laughing matter. In fact, it’s spiraling out of control. Defensive methods are no longer sufficient. Companies wanting to keep ahead of the hackers will have to be more proactive in taking stock of and monitoring their assets. Or watch them fall apart piece by piece.