Hackers are shifting their tactics away from traditional phishing and ransomware attacks, and moving toward stealthier intrusions via websites and the software supply chain, according to a recent report.
In its annual report on internet security threats, the cybersecurity firm Symantec said online bad actors are increasingly exploiting vulnerabilities in commercial software and operating systems to launch cyberattacks. Supply chain attacks, which use loopholes in third-party services to strike a target, increased 78 percent between 2017 and 2018, and web attacks, which rely on malicious URLs and other online weapons, also spiked 56 percent.
“A growing number of groups display[ed] an interest in compromising operational computers, which could potentially permit them to mount disruptive operations if they chose to do so,” Symantec wrote in the report.
Researchers also found phishing attempts dropped roughly 7 percent and overall ransomware infections dropped 20 percent during the past year. While phishing rates have been on the decline for four years in a row, last year marked the first time ransomware incidents fell since 2013.
So-called “cryptojacking” attacks, in which individuals have their computers unwittingly co-opted into mining cryptocurrency, also fell by more than half between 2017 and 2018. Though Symantec attributed the drop to improved detection software, researchers also pointed out the value of digital currencies like Bitcoin and Monero fell significantly over the course of the year.
Hackers also increasingly exploit internet-connected devices to infiltrate private networks and ramping up online misinformation efforts to sow discord and potentially influence election outcomes, both of which could be of particular concern for government agencies.
Agencies are especially ripe for “targeted” attacks, like spear-phishing emails and other tactics aimed at specific individuals or organizations. Such attacks primarily aim to gather intelligence on the target, researchers said, and the groups conducting them have grown more prolific in recent years.
This trend is reflected in the spike in foreign espionage indictments U.S. authorities have handed down in recent years. The growing possibility of punishment could ultimately deter groups from launching targeted attacks in the future, according to Symantec.
“This sudden glare of publicity may disrupt some of the organizations named in these indictments,” researchers wrote. “It will severely limit the ability of indicted individuals to travel internationally, potentially hampering their ability to mount operations against targets in other countries.”