Over the past several months the news has been full of reports about cybercriminals using malware to shut down devices or networks, steal data, or hold it for ransom. During the second quarter of 2017, over 184 billion total exploits were documented, coming from nearly 6,300 unique exploits. This is an increase of 30% over Q1. While most of these attacks targeted large, commercial networks, there has also been a large spike in such activities targeting the devices and data of individual users.
Some of these attacks, like having your Facebook page hijacked, seem on the surface to mostly just be annoying. However, such attacks are often used to collect the personal information of you or your online friends as part of an identity theft operation. At the same time, we have also seen an increase in malicious applications that mimic legitimate websites, like those of your bank, your healthcare provider, or your other online services. Such malware is designed to steal your personal or financial information.
Last quarter also saw the continued growth of ransomware attacks targeting hospitals or financial service organizations. But we have also seen huge growth in such attacks targeting individual users. Most ransomware attacks are delivered as a malicious file attached to an email. Once clicked on and activated, they can encrypt your hard drive and hold its data – including your family photos and videos, important email, passwords, and banking information – for ransom.
A new family of attacks has also begun to target the wide range of online devices in your home, such as gaming systems, DVRs and Smart TVs, digital security cameras, and even smart appliances that connect to the Internet through your home WiFi system. These devices are known collectively as the Internet of Things, or IoT. Cyber attackers target a wide range of known vulnerabilities in these devices in order to control them remotely, collect your data, or install malicious code. That code allows attackers to aggregate millions of similarly compromised devices into huge cyber weapons known as botnets, which can generate volumes of data traffic large enough to overwhelm and shut down targeted online organizations or cripple Internet traffic.
Fortinet, a leading provider of advanced security tools for businesses, documents global cybercrime and publishes its findings in its quarterly Threat Landscape Report. In its most recent report, published this week, Fortinet’s cybersecurity analysis team documented that more than two-thirds of companies analyzed experienced high or critical exploits during the second quarter of 2017. Online criminal activity in Q2 of 2017 produced a higher proportion of critical-severity exploits compared to previous quarters.
Surprisingly, a full 90% of organizations recorded attacks targeting system and device vulnerabilities that were at least 3 years old, even though updates and patches that corrected those vulnerabilities had long been available. Even more alarming, 60% of organizations reported successful attacks that had targeted vulnerabilities that were 10 or more years old.
A growing percentage of such attacks also target home network devices, such as routers and wireless access points. And 1 in 20 such attacks now target mobile devices, such as Android-based smart phones and tablets.
Of course, the big question many folks are asking is, “what can I do about this?” Well, fortunately, there is a lot that can be done. Here is a short list of four things you can do right now to make your home and online experience safer.
For many users, the easiest thing to do is simply set up strict privacy controls that only allow pre-selected people to see your page. Of course, that’s not how a lot of people use their social media pages. For those who want a more public profile, the best thing you can do is be careful about who you “friend” on your application. Cybercriminals often set up fake pages or accounts and then request that you add them as a friend. There are two quick things you can do to protect yourself from fake requests from criminals hoping to steal data or trick you into clicking on links to infected sites.
The first thing to remember is that your bank will never initiate a request to verify your account or provide your login credentials. Such requests, either online or via email, can safely be ignored or deleted. Next, if you do receive an email or a browser page with a link attached, always look at the URL (the web address) before you click it. You can do this by hovering over the link and looking at the address that shows up. This most often appears at the bottom of your browser or pops up near the link. Does the address seem legitimate? It should start with a real address, such as “www.(yourbank).com”. The address should also be reasonably short. However, this sort of thing can be spoofed. So also look carefully at the page. Is the logo correct? How about the spelling and grammar? If you have any suspicions at all, one good tip is to simply log into the site directly rather than use the link provided, or call your financial institution to ensure that the request is legitimate.
The most common way to get users to load malicious software or malware onto their systems is through an email attachment. These sorts of attacks, known as phishing, are often quite clever. They will often claim that the file attached to your email is a receipt or bill for a fictitious transaction (like a diamond watch that cost thousands of dollars or a cab ride to the airport), a fake document that needs immediate attention (like an overdue tax bill from a doctor or the IRS), information about money you won or inherited (like from a fake online sweepstakes), or a message from a friend or family member. Here’s the rule: NEVER click on an attachment or web link in an email from someone you don’t know, that you didn’t request, or that doesn’t seem entirely legitimate. A quick way to check the validity of an email is to simply look at the email address of the sender (you can do that by double-clicking on the name of the sender or by hitting reply). Does the email address match the organization? Is it especially long, from a different organization or location from what you expected, or does it include strings of letters or numbers? If so, you can safely delete it.
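The link check and the sender check described above both come down to the same question: which domain does the address really belong to? The following Python sketch is an added example, not part of the original article; `yourbank.example` is a placeholder domain and the function names are hypothetical. It shows why an address that merely starts with the real name can still point somewhere else.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: placeholder for the domain you already know belongs to your bank.
EXPECTED_DOMAIN = "yourbank.example"

def host_belongs_to(host, expected=EXPECTED_DOMAIN):
    """True only if host is the expected domain itself or a subdomain of it."""
    host = (host or "").rstrip(".").lower()
    return host == expected or host.endswith("." + expected)

def check_link(url, expected=EXPECTED_DOMAIN):
    """Return the reasons a link is suspicious; an empty list means none found."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    reasons = []
    if parts.username is not None:
        # Anything before '@' is a login name; the real host comes after it.
        reasons.append("text before '@' hides the real host")
    if any(label.startswith("xn--") for label in host.split(".")):
        reasons.append("punycode label, possible look-alike characters")
    if not host_belongs_to(host, expected):
        reasons.append(f"host '{host}' is not under {expected}")
    return reasons

def check_sender(from_header, expected=EXPECTED_DOMAIN):
    """Judge the address inside the From header, never the display name."""
    _display_name, address = parseaddr(from_header)
    domain = address.rpartition("@")[2].lower()
    if host_belongs_to(domain, expected):
        return []
    return [f"sender domain '{domain}' is not under {expected}"]

# Constructed samples for illustration, not taken from real messages.
SAMPLE_LINKS = [
    "https://www.yourbank.example/login",
    "https://www.yourbank.example.account-verify.example/login",
    "https://www.yourbank.example@203.0.113.7/login",
    "https://notyourbank.example/login",
]
SAMPLE_SENDERS = [
    "YourBank Alerts <alerts@mail.yourbank.example>",
    '"YourBank Support" <help@yourbank.example.mail-center.example>',
]

if __name__ == "__main__":
    for item in SAMPLE_LINKS:
        print(item, "->", check_link(item) or "no findings")
    for item in SAMPLE_SENDERS:
        print(item, "->", check_sender(item) or "no findings")
```

A result with no findings only means the visible domain matches; sender addresses can be forged, so logging in to the site directly remains the safer route.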
This is important, but can also require the most work. Look at the devices in your home that connect to the Internet, including your phones, your DVRs and TVs, your security cameras and other online devices, and your home router and/or wireless access point. Write down the name of the manufacturer and the model number. Next, list all the software running on these systems. Once you have a complete inventory list, search for these things online. You will want to query for known vulnerabilities or patches, and make sure that these devices and applications are running the latest patches and the most current versions of their operating systems, firmware, or software. If the device or application is older, and no longer supported by the manufacturer, the safest thing you can do is to bite the bullet and replace it.
We are now living in a digital world, and cybercrime is part of that new reality. We have all learned to lock our cars, deadbolt our doors, look both ways before crossing the street, and avoid dark alleyways and streets at night. It’s time to develop the same good habits as we navigate through our digital environment. Just like in the physical world, you can never be 100% safe. That risk just comes with the territory. But if we all just exercised a bit more caution, imposed just a little more scrutiny on the tools and applications we use, and developed just a little more online common sense, the digital world we live in would quickly become a whole lot safer.
The original article was written for the Huffington Post and can be found here.
You can read more important takeaways in the full Global Threat Landscape Report.