Part 2: All rise! Mind these digital crimes and arm your business against them

In the first installment of this two-part series, we advised consumers to stay on top of a selection of up-and-coming crimes to significantly lessen the chances of encountering them in the future. For this post, we’re going to look into digital crimes that keep small businesses and large enterprises on their toes: cloud attacks, attacks over SSL, ATM malware, and RDoS attacks.

It’s important to note that regardless of which digital attack an organization might face, fostering a culture of cybersecurity plays a massive role in arming employees with knowledge of what these attacks are and how they should respond if and when such incidents happen.

Let’s begin!

Cloud attacks

Many are surprised by how quickly cloud computing has taken hold. In fact, Internet users who may not have heard about “the cloud” likely have no idea how much they rely on it when they check updates on Facebook, their work mail, or their online bank statement. Indeed, cloud services have made our lives a lot more manageable, to the point that we think everything we need is just within reach of our fingertips, wherever we are in the world.

Unfortunately, online criminals have caught on and started using cloud services as lures to dupe people into handing over their account and personal details. Retrieved credentials—say, for work email—are then used to access the account to gain further access to other repositories the credential owner has rights to, primarily company files stored in other cloud services. And this is just one of the many possibilities that could happen to compromised enterprise accounts.

How to protect your business

Attacks over SSL/TLS

Secure Sockets Layer (SSL) or Transport Layer Security (TLS) is a protocol wherein transmissions between a server and a browser are authenticated and encrypted. While an increasing number of companies are learning and adopting encryption as part of their security and privacy strategies, using secure communication over the network to hide malicious antics is how threat actors level the playing field. We’ve seen this in multiple malvertising campaigns in previous years. Malware being sent over an encrypted channel is not new either. Phishers, on the other hand, mainly use SSL as a way to make their campaigns more believable, seeing that more Internet users are clued in on what to look for on a potential phishing page.

Some threat actors use free SSL certificates, while others have breached company sites that already have certificates installed. Regardless, organizations have a big part to play in stopping the bad guys by securing their websites and also educating their employees on current, more sophisticated criminal tactics.

How to protect your business

ATM malware

Crimes involving ATMs don’t necessarily require physical skimming devices. Sometimes, there’s malware—and a bit of phishing—in there, too. And these two combined form network-based ATM attacks. Europol’s European Cybercrime Centre (EC3) and Trend Micro’s Forward-Looking Threat Research (FTR) Team have circulated a 40-page report, warning banks about the rise of ATM targeting. Based on this report, not only is ATM malware becoming commonplace, it has evolved remarkably through the years.

EC3 and FTR have also revealed that there are two objectives of ATM malware: (1) empty the affected machine of cash, which is called “jackpotting,” and (2) record card data from clients using the affected ATM, effectively acting as a virtual skimming device.

Below is a video shared by Bleeping Computer about the latest ATM malware sold on the Dark Web in action:

How to protect your business

Ransom DDoS (RDoS) attacks 

A distributed denial of service attack, or DDoS, involves the use of hundreds, if not thousands, of electronic devices controlled by a botmaster. These devices are then used to attack an organization by overwhelming its network with garbage traffic, resulting in websites being shut down and clients not being able to access them for an indefinite period. This translates to a significant loss of profit and disruption of productivity. An RDoS attack happens when an organization is threatened with a DDoS attack and then fails to meet, or ignores, the threat actor’s demands for money, which is usually in the form of cryptocurrencies. According to a Kaspersky report, a majority of threat actors behind these attacks are beginners and not organized hacker groups. Regardless, a DDoS attack is not something any company with an online presence would want to get entangled with.

Although RDoS attacks on enterprises regularly make the news, small businesses shouldn’t be lax, as they have more to lose in the event of such attacks. Unfortunately, a vast number of small businesses are ill-equipped to handle DDoS and RDoS attacks.

How to protect your business

Regardless of the nature of the business, as long as you have an online presence—if we guess correctly, almost all SMEs have this—securing your assets, which are either stored in the cloud or on-premise, should be an essential part of any business plan. Organizations of all sizes can no longer afford to overlook security and privacy matters regarding how they should handle confidential company and client information, especially with the arrival of GDPR.

On the other hand, users are also responsible for making sure that their electronic devices are protected from both unauthorized physical and electronic access, that their sensitive information is kept behind digital lock and key, and that the resources and assets they use for work are maintained within acceptable security standards.