Recent media attention to the Wikileaks reports of the CIA’s purported ability to hijack smart TV’s and other internet-connected devices obscures what may be a greater issue: all hackers (and not just the CIA) are gaining sophistication and are using new tools and techniques to launch cyberattacks that were not feasible as recently as just a few years ago.
It was just a year ago that tempers were flaring regarding ways to open the San Bernardino shooter’s iPhone using hacking tools, and now we’ve learned that the government has had the tools all along. Hackers have developed at least five new ways to infect a private network with malware and to launch full-scale cyberattacks:
- A group of Chinese hackers recently started to use fake cell phone towers to send SMS text messages that contain false promises and infected links. A cell phone user who receives the message and clicks on the link inadvertently installs malware onto his or her phone that draws personal information from the phone and sends that information to the hacker. This technique avoids normal detection techniques by avoiding all communications with network centers that are configured to detect the infection.
- Remote Webcam Control. Once installed on a computer or mobile device, a payload program known as Meterpreter can allow a hacker to control that device’s webcam and to record snapshots of the device’s user. The hacker can then use those snapshots for nefarious purposes, including blackmail.
- Mega DDoS Attacks. The proliferation of Internet of Things (IoT) devices has given hackers access to tens or hundreds of thousands of new launching points for a Distributed Denial of Service (DDoS) attack that overwhelms a network’s servers with queries. Early generations of IoT devices embody the perfect cybersecurity storm of unique IP addresses and dated security systems that allow hackers to access hundreds of similar devices after they have gained access to the first. The hackers can then distract an organization’s cybersecurity team with a mega DDoS attack and breach the network while its defenses are directed to stop that attack.
- Nasty Ransomware. In a standard ransomware attack, access to an organization’s network is frozen until a bounty is paid to the hacker that launched the ransomware attack. Hackers have now raised the stakes by offering to release a small business’s data if they pass the malware on to two or more persons or entities that do pay a bounty. The hacker thus uses an organization’s vulnerability to exploit other entities.
- Point of Sale (POS) Malware. Since at least 2015, hackers have targeted POS terminals at retail locations to lift financial information directly from the hundreds of thousands of customers who use credit or debit cards for purchases every day. Some hackers use “skimmers” that read information from a card. Others attack POS terminals themselves with malware that grabs and delivers financial information to the hacker.
Individuals and companies may well have valid concerns over the government’s supposed to monitor their activities with advanced hacking techniques, but the greater concern will always be how cybercriminals are using new tools and techniques to compromise networks and to steal valuable personal information. Cyber insurance companies share this latter concern and in response, have created cybersecurity insurance policies that can help an organization recover financial losses from a data security breach. Those losses could include damage to internal servers and systems, or liabilities to third parties and customers whose personal data was compromised by the breach. Those liabilities can run into the tens or hundreds of thousands of dollars. A company’s ability to quickly recover from a data breach can be crucial to its long-term existence and its credibility with its customer base.