- 1 2020 CYBER THREATS
- 2 BUSINESS EMAIL COMPROMISE (BEC)
- 3 CREDENTIAL STUFFING
- 4 WEB APPLICATION ATTACKS
2020 CYBER THREATS
While Phishing, Ransomware, Crypto-Jacking and IoT Vulnerabilities have been prominent in 2019, here are the trending threats and vulnerabilities for 2020: Business Email Compromises, Credential Stuffing, and Web Application Attacks.
Below you will also find recommendations for mitigating the risks associated with these threats and vulnerabilities to better protect your organization from cyber attacks.
BUSINESS EMAIL COMPROMISE (BEC)
What is BEC?
Cyber-enabled financial fraud or Business Email Compromise (BEC) attacks involve fraudulent requests to pay invoices, change banking information, buy gift cards, or other actions that result in payments being directed to attackers. Often impersonating high-level executives or business partners, the attackers rely on a sense of authority or urgency to bypass normal procedures, checks, and balances.
Impact of BEC
BEC attacks have resulted in the loss of billions of dollars and have affected organizations across every vertical. The transnational criminal organizations responsible for these attacks employ a variety of methods to trick their victims into making wire transfers including spear-phishing, social engineering, malware, and identify theft. The funds are often difficult to recover due to the laundering and transfer techniques used by the attackers.
How Mitigate BEC Risk
- Define robust policies regarding the update or change to any billing or financial information
- Follow the “don’t rely on email alone” principle
- Apply Multi-Factor Authentication (MFA)
- Apply detection rules for email to identify potentially fraudulent or suspicious email messages
- Add visible banners to emails to indicate if it comes from an external and/or suspicious source
What is Credential Stuffing?
Credential stuffing occurs when an attacker attempts to gain access to systems or applications by leveraging the vast quantity of leaked credentials and the human propensity to reuse usernames and passwords. This is a subcategory of brute force attacks, automatically entering large numbers of credentials into services to identify potential account reuse.
Who is Impacted by Credential Stuffing
These attacks are becoming increasingly common and affect organizations across every vertical.
How Mitigate Credential Stuffing Risk
- Enable MFA for all user accounts
- Internal security teams can check user passwords against caches of leaked credentials to identify overlap, and force password resets where necessary
- Organizations can enable advanced brute force detection, multi-factor authentication, CAPTCHA, etc. to reduce the likelihood of credential stuffing
WEB APPLICATION ATTACKS
What are Web Application Attacks?
Web Application attacks continue to be one of the most common hacking methods US Cloud defends against. These attacks take many forms:
- leveraging exploits or vulnerabilities in applications
- weaknesses in configurations
- denials of service, etc.
Impact of Web Application Attacks
Often these attacks are performed in an effort to gain access to sensitive or important data; other times they are used as a foothold into the organization as part of a larger attack.
How Mitigate Web Application Attack Risk
- Invest in defensive technologies including web application firewalls and scanners
- Integrate application security processes into all phases of the web application lifecycle
- Limit inbound requests to only required services