CISCO: Top 6 Common Types of Cyberattacks in 2020

Many more people are now working remotely following the outbreak of the Covid-19 pandemic, and that is creating new opportunities for hackers to compromise computer security. There has always been a game of cat and mouse between hackers and computer security professionals, but the dynamic has now shifted.
As millions of people around the world are forced to work from home, poor security measures and policies are increasingly being exposed by determined hackers. Under normal circumstances, IT departments in businesses would be able to monitor and screen for threats in office networks. That has now changed as workers rely on the Cloud to stay connected to work colleagues and clients. As a result, security processes may become lax, providing more opportunities for hackers to take advantage.
To help identify potential threats, Cisco has compiled a list of the 6 most common cyberattacks in 2020.
1 DNS Hijacking
Domain Name Server (DNS) hijacking is a type of DNS attack in which users are unexpectedly redirected to malicious sites. There are a number of ways this can happen, including malware being installed onto a computer or routers being taken over. This method of cyberattack can be used for “pharming” by displaying unwanted ads and “phishing” by showing fake webpages to steal data.
2 Remote Access Trojans
As a tool, Remote Access Trojans (RATs) provide a variety of capabilities to a potential hacker. If an attacker wants to steal financial data, they could use a RAT to take banking details from a compromised computer or collect credit card numbers by installing a keylogger. RATs also enable the hacker to install and delete files. They are usually sent in emails.
3 Threats in Encrypted Traffic
Traffic encryption was invented to address the risks of transmitting sensitive data over the web. The adoption of encrypted traffic has been a boon for security and privacy. The downside to this increase in encrypted traffic is that it is harder to separate the good from the bad. Finding malicious traffic in these cases requires other detection techniques such as machine learning algorithms. However, threats may still evade some machine learning detection methods, so a layered approach with a wide variety of techniques is recommended. According to data gathered by Cisco, 63 percent of all threat incidents discovered by Cisco Stealthwatch were found in encrypted traffic.
4 Office 365 Phishing
Hackers use phishing campaigns in emails that are seemingly from Microsoft to target Office 365 account users. The email contains a request to log in, claiming perhaps that the user needs to reset their password, has not logged in recently, or that there’s a problem with the account. The email often directs the user to click a URL to fix the issue. Users are directed to a fake page which then sends their credentials to the hacker.
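As an added illustration (not part of the Cisco list or the original article), the following Python sketch shows how a mail filter or analyst could triage the link in such a "log in to fix your account" email before anyone clicks it. The trusted host list, the brand keywords and all sample URLs are assumptions constructed for this example.

```python
from urllib.parse import urlsplit

# Assumption: sign-in hosts this organisation treats as genuine; adjust per tenant.
TRUSTED_LOGIN_HOSTS = {"login.microsoftonline.com", "login.live.com"}
# Assumption: brand words that should only appear on trusted hosts.
BRAND_TOKENS = ("microsoft", "office365", "o365", "outlook")


def classify_link(url):
    """Return (verdict, reason) for a link taken from a 'sign in' email."""
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").rstrip(".").lower()
    if parts.scheme != "https":
        return "suspicious", "not https"
    if not host:
        return "suspicious", "no hostname"
    # "https://trusted-name@other-host/": the browser connects to other-host.
    if parts.username is not None:
        return "suspicious", "userinfo hides real host " + host
    # Punycode labels can render as look-alike characters in a mail client.
    if any(label.startswith("xn--") for label in host.split(".")):
        return "suspicious", "punycode label in " + host
    if host in TRUSTED_LOGIN_HOSTS:
        return "trusted", host
    # A trusted name used as a prefix or fragment of a different domain.
    if any(trusted in host for trusted in TRUSTED_LOGIN_HOSTS):
        return "suspicious", "trusted name embedded in " + host
    if any(token in host for token in BRAND_TOKENS):
        return "suspicious", "brand word in untrusted host " + host
    return "unknown", host


def suspicious_links(urls):
    """Return only the links that should be blocked or escalated."""
    return [u for u in urls if classify_link(u)[0] == "suspicious"]


# Constructed sample links (reserved .example domains), not real indicators.
SAMPLE_LINKS = [
    "https://login.microsoftonline.com/common/oauth2/authorize",
    "https://login.microsoftonline.com.account-verify.example/reset",
    "https://login.microsoftonline.com@portal.example/reset",
    "https://office365-password.example/login",
    "https://intranet.example/news",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(classify_link(link), link)
```

Exact host matching, rather than a substring search for the brand name, is what makes the second and third samples fail even though the genuine sign-in hostname appears in them.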
5 Social media and black markets
Last year researchers at Talos discovered a huge collection of criminal groups with hundreds of thousands of members on Facebook. The groups were using the social media platform to connect with other criminals, share and sell tools, techniques, stolen data and, in some cases, to scam each other. Although users are not being directly targeted, social media platforms are being used by criminals to discuss operations and as a marketplace to purchase tools and training to carry out attacks.
6 Digital Extortion Scams
These scams are a variation of phishing campaigns that are sent out in bulk with the aim of playing on the emotions of the user and tricking just enough people to make the venture profitable. By including a seemingly genuine username or password, the email appears authentic and is a way for hackers to make money from data stolen in previous breaches. For those who have received such emails, be aware that the personal data used was from an earlier breach. If you are still using the same password elsewhere, change it immediately. Users can also check if their email has been exposed in a breach through services like the “Have I Been Pwned” website.
The rapid shift in working habits brought on by the Covid-19 pandemic means more people are working remotely. Although this has allowed many businesses to continue to operate in such uncertain times, it has also opened new avenues for hackers and cybercriminals to exploit. Digital transformation has enabled faster and more efficient workflows via Cloud computing, but businesses and institutions have also become more vulnerable to security breaches and threats. As such, organizations big and small must remain vigilant against this ever-growing number of vulnerabilities and cybersecurity threats.