The digital era produces more data every day, and the means of communicating information grow more varied and sophisticated. As for security, the more advanced the protection methods become, the more complex the tools that fraudsters and cybercriminals use to evade or break them.
Staying safe and sound in the modern information world is not an easy task, let alone in the crypto industry itself.
The fact is that all the data that is supposed to remain confidential is at stake: personal details, assets, and account information. Cybercrime is happening more and more often, and the forecast is not positive, as the industry only seems to become more lucrative over time.
The latest research from RiskIQ highlights the unpleasant problems that are still present.
Things can really get out of user control
No matter how much effort one puts into protecting customers’ data, things can always slip out of your control, just as with the MyEtherWallet phishing attack.
With the emergence of social engineering, fraudsters have become more innovative and creative. Nowadays they can even copy your company through a website, email, or social media page; all these efforts aim to trick customers and employees into giving away vital information and installing malware on their hardware.
RiskIQ reports that in Q1 2018 alone it identified more than 25,000 phishing domains posing as almost 300 brands; moreover, 40% of them were established in the financial services industry. So, what is the best way to fight phishing? Raise the level of knowledge of your customers and employees, and stay alert so that you can take the necessary actions to get impostor sites taken down as soon as possible.
The mass attack goes wide
RiskIQ also states that it analyzes over two billion HTTP requests every day. Moreover, it deploys web crawling infrastructure that checks terabytes of passive DNS data and millions of SSL certificates, and monitors mobile apps, to see how broad the attack surface really is, or, simply put, how much of an opportunity there is for hackers to break in.
Over a two-week period, the company analyzed over three million new domains and 77 million hosts that could all be potential targets for a hacker. Since many modern websites share the same frameworks, plugins, and third-party apps, the hacker’s job is even easier. Just as we can create websites faster and more easily, so can hackers come up with malicious code to infiltrate them all.
The fact is that one of the most significant vectors is content management systems (CMS), WordPress in particular: RiskIQ found over 13,000 WordPress plugins on Alexa’s most-visited sites.
Moreover, some 3,390 of them showed critical vulnerabilities, running at least one weak web component.
The scale of mobile attack surface is substantial
Most users think of the Google Play Store and Apple’s App Store as the only mobile app stores available globally. However, there are plenty more: a host of affiliate stores serve the Android market, and they present a wealth of opportunities for bad actors to replace legitimate apps with fake ones.
Other data from RiskIQ shows an unprecedented 21,948 blacklisted mobile apps, equating to roughly 1.5 percent of all new apps. Almost all of these apps claimed the READ_SMS permission, allowing them to intercept messages, which could be used to circumvent 2FA.
The best tip that can be given: users should always download apps from the primary app stores and be extremely careful when researching the apps they download. If an app doesn’t look legitimate and asks for too much information, it’s probably best to avoid it.
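A reviewer can check for the READ_SMS claim described above directly in an app's decoded manifest. The following is an added example, not code from RiskIQ or the original article; the sample manifest is constructed, and including RECEIVE_SMS in the watchlist is an assumption made for this sketch.

```python
import xml.etree.ElementTree as ET

# Namespace used for android:* attributes in AndroidManifest.xml
ANDROID_NS = "http://schemas.android.com/apk/res/android"

# Permissions that expose incoming text messages to an app.
# READ_SMS is the one named in the article; RECEIVE_SMS is added here as an assumption.
SMS_PERMISSIONS = {
    "android.permission.READ_SMS",
    "android.permission.RECEIVE_SMS",
}

# Constructed sample: decoded manifest of a hypothetical flashlight app
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.flashlight">
    <uses-permission android:name="android.permission.CAMERA"/>
    <uses-permission android:name="android.permission.READ_SMS"/>
    <uses-permission-sdk-23 android:name="android.permission.RECEIVE_SMS"/>
    <application android:label="Flashlight"/>
</manifest>
"""

def requested_permissions(manifest_xml):
    """Return every permission name the manifest requests."""
    root = ET.fromstring(manifest_xml)
    perms = set()
    # Both element names can carry a permission request
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            name = node.get(f"{{{ANDROID_NS}}}name")
            if name:
                perms.add(name)
    return perms

def sms_findings(manifest_xml):
    """Return the SMS-related permissions requested, sorted for stable output."""
    return sorted(requested_permissions(manifest_xml) & SMS_PERMISSIONS)

if __name__ == "__main__":
    for perm in sms_findings(SAMPLE_MANIFEST):
        print("requests SMS access:", perm)
```

A flashlight app that requests SMS access is the kind of mismatch between function and permissions that the tip above asks users to watch for.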
Cryptocurrency Miners are set loose
Mining programs and cryptojacking are constantly making a buzz as more and more computers get infected with mining software and lose GPU power as a result. For example, more than 50,000 websites are known to have been running Coinhive over the last twelve months, knowingly or otherwise.
Also, there is now an average of 495 new hosts running cryptocurrency miners every week. Even worse, many of the crypto mining scripts found have been active for over 160 days already, meaning companies have failed to detect them.
Hackers may know much more than you expect
RiskIQ research also found that at least 30 percent of companies have more internet assets than they thought. The causes include shadow IT, M&As, or a simple lack of organization.
For example, shadow IT occurs when an IT department outsources for a time and fails to include all internet assets in the company security program. If this goes on for a period, it becomes an easy vector for a hacker, since these assets remain unpatched and are not checked against security frameworks.
What is the main reason? Mergers with other companies often lead to this, as the list of assets is frequently incomplete and sometimes chaotic. Internet assets include elements such as domain names, certificates, hosts, and apps.
Still, the modern security strategy for most companies has shifted to a defense-in-depth approach, starting at the perimeter and layering back to the assets that should be protected.
In today’s world of digital engagement, users sit outside the perimeter along with an increasing number of exposed corporate digital assets—and the majority of the malicious actors. As such, companies need to adopt security strategies that encompass this change.
The chaotic world of the crypto industry sees many dangers, let alone ICO start-ups, which have numerous vulnerabilities for investors and for their creators as well. One should invest as much as possible in security, as this remains a specific danger even nowadays. The existing defensive methods need to be developed and continuously updated. Things can get out of hand and turn harsh pretty fast if organizations do not pay proper attention to asset protection.