Review of Dark Reading’s 2020 Malware Threats Survey

Review of Dark Reading’s 2020 Malware Threats Survey

Add Your Heading Text Here

In the video and audio above I go over a research report that DarkReading.com conducted. It’s based on 115 IT and cybersecurity professionals from companies of all sizes. It was published earlier this year May 2020, and it focuses on primarily on the North America region. The reason things like this are important because you can get an idea of what is out there what’s going on, so you have an overall view of what’s happening. I know the sample size might seem small, but it’s still relevant. It’s tough to get a lot of people to respond to this type of thing. And I think that’s actually pretty good response.

47% of organizations experienced a serious data breach, or compromised, at least once a year.

My first thoughts here is what defined as a serious data breach? Is that something where it costs you money because you lost your clients data you got sued, or a serious data breach where you lost information and maybe you didn’t lose any money, but you still lost something. Still pretty high number of companies having a data breach, or compromise once a year. That’s pretty big deal.

36% of organizations reported "frequent" encounters with business email compromise attacks, compared with 28% in 2019. 14% reported frequent compromises from BEC attacks.

That’s a pretty big jump in growth. Business email compromises are really easy to miss and really easy to get hit with it seems. It’s really not a new attack, but the frequency that we are seeing it, is new. The way a BEC works is that the party you are doing business with has already been hacked and then the hacker injects a new information into an email conversation causing you to believe the email is from a trusted source. The Information the hacker is inject will attempt to get you to either give credentials or send money to the wrong place. You can easily beat this by setting requirements that when either money, or some other type of thing is going to be transferred you are required call the person and verify the new information is correct.

80% of respondents are very concerned about the growing number of attacks on cloud service providers.

Cloud services are great but my biggest issue with cloud services is that you do not control the data anymore. When you give up that control, you are relying on that company to secure your information. Let us say it is AWS, Microsoft, Google, whoever you are giving up that control, and you have to now trust that company to not screw up and lose your data. It is a hard thing to hand over to another company, plus I do not really trust them. I use a company called SpiderOak, it is zero knowledge access, they cannot access my data. And if I lose my keys, I cannot access my data. It makes things a little riskier, but at the same time things are more secure. As more and more people go on the cloud, it is going to become a bigger and bigger target. Think about Microsoft is one of the biggest targets attacked. Example, people write malware, specifically for Microsoft because Microsoft is roughly 80% of desktops, so why would not I write the malware for cloud platforms or for Microsoft. People and their information are there.

69% are very concerned about malicious use of deep fakes.

I have not seen deep fakes being used in the wild, yet. I have not heard of any of that either and I try to stay pretty in tune with the underground. I am going to have to look into how you could use a deep fake in a hack. I really do not know what you would use the deep fake for. Deep fakes are just somebody overlaying video images and creating a fake video of you. I guess, it could be used maliciously to hurt someone’s reputation. Or other types of attacks like that, but as for attacking a business or a healthcare provider with a deep fake? I just do not see what the potential uses for that. I will look into it but I currently don’t see why people would be very concerned about it except for reputation attacks.

86% of respondents expect to see attacks that use AI as a weapon within the next year, 16% reported that their organizations already detected such attacks frequently.

If you do not know what A.I. stands for it’s artificial intelligence and it is going to be a huge factor in all cyberattacks. The bad guys are always faster to implement new technology than anybody else because they don’t have to wait on anybody to cross the T’s or dot the i’s. They just do it. I can definitely see a major increase in AI usage. Actually, I am looking into how AI can be used to defend against AI attacks, or what processes need to be implemented to stop AI attacks. It’s a really tricky thing because you’re dealing with a program that can run thousands of scenarios really fast to find the attack that works best against a server. It basically automates everything. It’s very interesting issue.

69% of respondents said they "frequently" or "very frequently" detect phishing attacks; 22% reported being frequently compromised in such attacks.

Phishing attacks are the easiest way for a criminal to attack you. It doesn’t take a genius to do it. And it’s cheap, easy and almost no cost to the attacker. Anyone can get an email account from anywhere and then send you an email with a link or a file. It doesn’t take anything for a criminal to launch this attack. It’s not surprising that fishing is one of the most popular cyber-attacks.

33% of it in cybersecurity leaders perceive ransomware as the biggest threat. Over the next few years, 30%, say it's phishing attacks.

My thing with this is that phishing attacks are a delivery mechanism and ransomware is the action is what’s being delivered. Given, I can use dozens of different ways to deliver ransomware a dozen different ways. I could access somebody’s network and install ransomware. I still think phishing is probably more important of an issue than ransomware. I don’t see ransomware as a big of a problem as phishing because phishing delivers anything where ransomware is just one attack.

43% believe their organizations are more frequently infected with malware than one year ago

Malware is ever evolving. Like I said earlier, cyber criminals are always developing new things and they are faster to deploy them. They are fast to find vulnerabilities and just go for it. They don’t have to wait on anyone’s permission. Malware is going to be definitely be an issue forever. And a lot of the malware, that gets put on your machine is caused by you, or they have to gain access to your machine somehow. It doesn’t just magically show up on your machine, you’ve clicked on something or you’ve downloaded something. And it’s education based that can fix this. Not to say that somebody can’t access your network, and then upload malware. It’s just not as common, I would say. But malware is constantly evolving. You have people constantly creating new things

44% of respondents said phishing was the most common method that threat actors used to evade their security defenses.

Yes, because they are manipulating the human factor. The human is flaw in every system. No matter how awesome your network security, the human is always the flaw. That’s what phishing attacks target, I honestly think that should be a higher number than 44%.  

92% of organizations believe they can benefit from threat intelligence services and feeds.

 Alright. Threat Intelligence, if you don’t know what that is, it’s basically where a cybersecurity tries to assess how big of a target your company is. I am a big advocate of I go on the dark web and I trying to figure out what the bad guys are doing. Breached databases are the biggest source of threat intelligence because they are good sources of information to use in a hack.

About 49% would “hack back” at attackers if they could do so legally.

Hacking anybody is technically illegal. If you are hacking in without their permission is illegal. My other issue with this, other than the fact that it’s illegal. Is you don’t have the funds to fight the criminals. Yes, they are attacking you. But when you attack them back, they’re gonna attack you back hard. Do you have the funds to fight these guys? Because it’s gonna cost a lot. Of course, you can set a honeypot but that’s not illegal. With a honeypot, which a honeypot is just a way to grab people’s information. I have tons of honey pots. One of the biggest things though is. What if you just set a trap for them, you set a honeypot, and that honeypot contains a RAT and they download the RAT thinking it’s your files or something like that. Then it ends up and hacking their computers and installing on them. Well now you just became the criminal to. It’s a very interesting concept. Do you have the right to defend yourself on the internet? That could get you into a very controversial topic. Honestly, I don’t see why you need to hack them back. I think you need to figure out who they are, where they are. And there are ways to do that without hacking them, per se. That can be a very slippery slope very dangerous, because you never know who you’re actually going up against.

Wrapping It Up

If you have any questions about this article you can email me at josh@greenknightdigital.com. Here’s our legal information, Green Knight Digital Investigations LLC, 1617 Park Place Ave, Fort Worth Texas 76110. Texas Private Investigator license number, A11652801. All right, I met my legal requirement. We are a private investigations company, and a cyber security company, an investigative cybersecurity company. I think it’s important to be able to investigate what is going on and find the bad guys to stop them. I have a lot of techniques, and my team has a lot. We all work on techniques to find these guys and protect you from them. If you have any questions, shoot me an email or call 682-841-4294.

Leave a Reply