Cyber criminals were once thought of as petty crooks looking to exploit unwary internet users in dodgy schemes, but thinking of them in terms of legitimate businesses is the only way to combat the increasing threat they present, according to a new report from cyber security company Symantec.
The report states that, along with an increase in politically motivated attacks, targeted attacks, spam and phishing campaigns, cybercriminals are rapidly switching their tactics in response to consumer behaviour and market forces.
"New sophistication and innovation is the nature of the threat landscape, but this year Symantec has identified seismic shifts in motivation and focus," said Kevin Haley, director, Symantec Security Response. "Zero-day vulnerabilities and sophisticated malware are now used sparingly, as nation states shift their attention from espionage to straight sabotage. Meanwhile, cybercriminals caused unprecedented levels of disruption by focusing their exploits on relatively simple IT tools and cloud services."
In a local context, Symantec cyber security expert Nick Savvides said that while Australia had dropped in regional and global rankings for total attacks, the company was seeing more targeted attacks hitting our shores.
An example of this can be seen when comparing Distributed Denial of Service (DDoS) attacks to ransomware. While the former is regarded as a more primitive form of attack, albeit one widely used due to its low cost of execution, Savvides suggested that, like traditional businesses, cybercriminals are making investments targeted toward attack success.
As a result, Australia has seen an increase in targeted attacks, the vast majority of which involve ransomware. This indicates a switch in tactics on the part of cybercriminals to increase return on investment as ransomware is more lucrative than DDoS.
"DDoS is still extremely popular and we saw some of the biggest ever attacks last year. It is one of the main tools that the bad guys use to monetise their attacks," Savvides said. "It is not going away, but in terms of revenue, I don't see it as being bigger than ransomware right now."
Savvides cited figures from the report which stated that 34 per cent of ransomware victims globally pay the ransom the attackers demand. This number jumps to 67 per cent for US-based victims of ransomware. While the vendor did not have specific figures in relation to Australia, Savvides estimated that Australian numbers sat between the global and US figures.
"You get more bang for your buck out of ransomware than you do out of DDoS and that is the reality [for cyber criminals] now. In order to run a successful business based on DDoS attacks, you need to have a very large botnet," he said.