For the past six months, cyber headlines have been divided between scams involving fake technical support and a cyberattack against one country in particular. For a clearer picture, here is a review of the first six months of the year and the major trends that are emerging.
In terms of cybersecurity trends, it is customary to make forecasted for the coming year at the end or beginning of the year – based on weak signals, the latest industry analyses and the views of our experts. Of the four trends we had expected, three have already come to pass...
Cybercrime, a new social phenomenon
A Stormshield forecast: ✔️
Cybercrime is rapidly infiltrating the increasingly digital world of everyday life. “In today's world, every social and economic trend is going to become a target for cyberattackers,” says Matthieu Bonenfant, Chief Marketing Officer at Stormshield.
The latest news proves him right. In Lille, engineering school students used Snapchat to sell pirated transport cards that were pre-loaded with credit for 200 to 300 trips. In Lyon, local entrepreneurs used the concept of fraudulent technical support to collect more than 2 million euros. This phenomenon is currently experiencing an upsurge and is to be found in the second part of the Cybermalveillance.gouv French awareness-raising kit. Finally, in Sweden, young fans of the singer PewDiePie launched two ransomwares to support the Swedish videographer's YouTube channel by forcing victims to subscribe...
One of PewDiePie's alleged fans has released a ransomware that locks people from accessing their data. The ransomware will only let users get their data back when PewDiePie gets 100 million subscribers on YouTube. #PewDiePie #Ransomware #PewCrypt
— Beebom (@beebomco) 1 avril 2019
Corrupted updates of reliable servers
A Stormshield forecast: ✔️
Last March, Taiwanese manufacturer Asus was the victim of a cyberattack that allowed malware to be installed on hundreds of thousands of computers. Because of the corrupted Asus Live Update system, users unknowingly installed a back door in a file called Setup.exe, which bore the Asus digital certificate (the digital identity card).
These attacks, which cannot be carried out by just anyone, can easily bypass the security systems and the vigilance of cybervictims receiving these fake updates. This type of intrusion is likely to happen again
Matthieu Bonenfant, Chief Marketing Officer at Stormshield
“This hack is very significant. People are able to enter publishers' computer networks and use the updating mechanisms to update the items that interest them. These attacks, which cannot be carried out by just anyone, can easily bypass the security systems and the vigilance of cybervictims receiving these fake updates. This type of intrusion is likely to happen again,” says Matthieu Bonenfant.
The boundary between the digital and the physical is getting thinner and thinner
A Stormshield forecast: ✔️
In late June, the US President publicly stated that he had launched a cyberattack on Iranian infrastructure in the context of a worrying diplomatic crisis between the two countries. “Cyberspace is an open environment that is experiencing geopolitical tensions,” says Matthieu Bonenfant. “We are seeing a return to a damaging form of isolationism: China has created its own Internet for itself, while Russia is threatening to do so. Cyberspace is more than ever the 4th arm of warfare, after aviation, navy and land-based forces. With one important difference: it is very difficult to verify that a cyberattack has actually taken place and to identify its sources. You can hide evidence or create false evidence. As a result, this new terrain is conducive to propaganda, manipulation and misinformation.”
The boundaries are also becoming narrower in the area of health – specifically in Israel, where a team of university researchers has documented the existence of malware capable of falsifying medical imaging. It is a virus that causes cancerous tumours to appear or disappear on MRIs and it has managed to fool experienced radiologists.
The increasing complexity of ransomwares
A Stormshield forecast: ❌
A new kind of ransomware is rampant among businesses. Identified as LockerGoga, it began to emerge in early January, when it started interfering with the information systems of Altran and Norsk Hydro, causing a large number of losses.
Ransomware [LockerGoga] Attack Forces Norsk Hydro—One of the World's Largest Aluminum Manufacturers—to Shutdown Operations at Several of Its Plants Across Europe and the U.S.https://t.co/rsSPsCvCAB
By @unix_root#cybersecurity #hacking #ransomware #infosec pic.twitter.com/SE8uwQqsXV
— The Hacker News (@TheHackersNews) 19 mars 2019
Once installed, LockerGoga will not only encrypt a number of files, but will also change system passwords on infected workstations. It also tries to disable the network cards on the machines in order to disconnect the system from any external connection, forcing the victim to switch to manual recovery. One of its main features is the use of valid security certificates to infect target computer systems.
“This ransomware does not seek to create more victims like WannaCry or NotPetya. It is a very targeted move aimed at paralysing a company, or an entire government department, in exchange for a ransom. There is no longer as much collateral damage due to the unregulated proliferation of malware as we have seen with other ransom programs. The impacts of these attacks can be enormous, and we are witnessing a shift in scale,” says Matthieu Bonenfant.
Opening up of cybersecurity to the general public
A Stormshield forecast: ❌
Will cybersecurity soon be on everyone's lips? At the same time as becoming a real social phenomenon, the issue is being discussed by the general public.
In June, it was the focus of discussion for 400 European decision-makers, , business leaders and representatives of public authorities gathered for the first Paris Cyber Week. Cybersecurity is also becoming a popular issue on the Internet. In the aftermath of phishing campaigns, Internet users are talking more and more about it as the number of cases of sextortion, (more or less crude) webcam-based attempts at blackmail, is on the rise. This resurgence in cyberattacks has been observed by Cybermalveillance.gouv.fr, which, meanwhile, is continuing its work of large-scale awareness-raising in France. In June, the platform released the second part of its digital risk awareness kit. In both form and content, this kit meets the needs of the general public and represents a genuine toolbox for dealing with issues affecting people in their daily lives.
In this 4.0 world, digital is physically embedded in our daily lives. And it brings with it a host of cyber risks. In response to them, we need to remain alert regarding major societal developments.
