“The threat landscape is undoubtedly evolving; less-skilled cyber criminals are being forced out of business, the fittest among them step up their game to survive and we’ll eventually be left with fewer, but smarter and stronger, adversaries,” said the chief technology officer of Sophos, Joe Levy.
As more people connect their devices, it is becoming easier for hackers to attack multiple devices at once. This can be especially problematic in office settings, where an entire network can be taken down in one fell swoop.
The Threat Report says these attacks are getting smarter by using administration tools that are installed on Windows computers. Criminals can use them to create a “chain reaction” that is hard to stop and not spotted until it is too late.
“Once those domain admin credentials have been captured, the attacker waits for the opportune moment — late at night on the Friday of a holiday weekend, for example — to strike.”
When an attack is detected, hackers who are live-managing an attack will often have the skills to avoid roadblocks in an internet battle with IT managers. Frequently the hackers will prevail.
The report says attacks can be so thorough that companies will opt to pay the R705,000 charged by groups like SamSam.
Payment in the form of Bitcoin is demanded through a “dark web” site where victims of the cyber attacks find themselves chatting with hackers directly.
It is expected that the success of the SamSam-style attacks will inspire an increase in such targeted attacks in 2019.
“SA needs a national cyber strategy,” Cowling said. “Companies and the government have not upped their game to meet the threat.”