Written by Keeper Security
Cybercriminals are increasing the use of highly-targeted and sophisticated social engineering schemes designed to steal passwords. This was among the key takeaways from the Ponemon Institute’s 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses.
Cybercriminals like social engineering schemes because they work. The weakest link in any organization’s cybersecurity is its own people; this includes not only employees but also third-party vendors with access to IT systems. Once a cybercriminal has a working password, it’s game over. They can blow right past antivirus and intrusion detection systems and go wherever they want in the network. In fact, 69% of respondents to the Ponemon study said they’d experienced an attack in the previous 12 months that had evaded their intrusion detection systems, and 82% were targeted by attacks that got past their anti-virus solutions.
With that in mind, here are three threats we can expect to see a lot more of in 2020:
Phishing has evolved. Mass spam email campaigns are giving way to highly sophisticated, targeted Business Email Compromise (BEC) scams. Additionally, because a lot of people use their phones for SMS/text messages more than they do for calls these days, cybercriminals are sending malicious messages, a practice known as “smishing.”
While most people know to be wary of clicking on links in emails, many people are still unaware of the dangers and prevalence of smishing, so organizations would do well to educate their employees about it.
For some time, cybersecurity experts have been deeply concerned about manipulated and malicious videos and audio, known as deep fakes. Unfortunately, the threat that deep fakes pose is no longer hypothetical. A few months ago, an energy company in Europe lost $243,000 when a cybercriminal used an audio deep fake to impersonate the CEO. As the technology to create frighteningly realistic deep threats continues to improve, expect them to be used for more wire transfer fraud, Account Takeover (ATO) attacks, and other cyber scams.
Cyber attacks and social media misinformation/disinformation attacks against government agencies (systems, databases, and people) will grow in frequency and intensity as the 2020 U.S. presidential election approaches. These won’t be lone wolf “hacktivist” attacks. They’ll be orchestrated by highly organized, well-funded nation-state actors who have been laying the groundwork for years.
Defending against these threats requires a multi-pronged approach.
Keeper’s business and enterprise password management solutions give organizations visibility into employee password practices, allowing them to monitor password use across the entire organization and enforce strong passwords, 2FA, RBAC, and other security policies.
You May Also Like
Keeper Security’s Privileged Access Management (PAM) solution, KeeperPAM™, has been featured by 451 Research, a technology research firm that provides an unbiased view of opportunities and risks across the enterprise technology landscape. The 451 Research group...
Choose Language