Criminals who launched phishing campaigns during the final quarter of 2018 employed social engineering tactics in nearly one in three targeted attacks, according to Positive Technologies.
A new report entitled Cybersecurity Threatscape Q4 2018 found that in 48% of cyber-attacks the hacker’s goal was to steal data. Specifically, attackers were targeting usernames and passwords in 28% of attacks. In addition, the report found that malware was used in half of those data theft attacks. Once malicious actors obtained the stolen credentials, attackers used them for different services and systems, including corporate email.
“Social engineering featured in nearly one in three attacks in Q4. Criminals routinely operate finely honed phishing schemes against company employees in targeted attacks,” said Leigh-Anne Galloway, cybersecurity resilience lead at Positive Technologies, in a press release.
“Marketing emails often contain buttons that invite the user to visit a website. But before clicking a button, it is important to check the identity of the message sender and the destination of the link.”
Given that attackers employed more individualized approaches against their corporate targets, the percentage of targeted attacks grew to 62% in Q4. That’s not to say that home users fell off the attacker radar. The report found that while home users were hit by mass malware infections, a third of home user attacks were attempting to steal data. In 60% of the attacks the criminals were aiming for users credentials.
While credentials are a hot target, cyber-criminals are still motivated by money. In fact, the number of financially motivated attacks rose 6% in Q4.
Another distinguishing feature of Q4 cyber-attacks highlighted in the report was the injection of malicious scripts into the code of vulnerable sites, a technique that resulted in the compromise of many government sites that relied on Click2Gov for processing payments.
"Governments are riding the digital wave and moving payments online," explained Leigh-Anne Galloway. "But ease and convenience come at the price of cybercrime-related risks. The Click2Gov online payment portal, responsible for accepting parking, utility, and other municipal payments in the US, was hit by attacks in 2018.
“News of vulnerabilities in this payment service, as well as recommendations for addressing them, were made public in 2017. But judging by repeated attacks, the organizations using this system have failed to keep up with security developments and take adequate protective measures.”