One of the most important parts of any company’s technology infrastructure is their IT security. Data breaches and virus infections can be costly and lead to downtime, compliance problems, and costly remediation.
Just one single phishing email can cost a small business as much as $100,000 if they don’t have the right protections in place to safeguard their network and devices from a breach.
One thing about cybersecurity is that it’s never completely finished, because threats are always changing. As new threats arise, protections need to be assessed and updated regularly if any new vulnerabilities are found.
What new threats do you need to worry about?
We’ve taken a look at the Sophos 2021 Threat Report and the McAfee Threat Center to see what new viruses, ransomware, and other types of threats these security vendors have been detecting.
Did you know? In Q2 of 2020, there was a 605% increase in COVID-19 related threats.
Biggest IT Security Threats to Watch Out for Right Now
We’ll begin with some of the newest malware variants being picked up by McAfee’s threat detection experts and then move into threats that the Sophos report is warning about for 2021.
Sodinokibi Ransomware
One newer form of ransomware that’s been particularly prevalent in the U.S. is the Sodinokibi Ransomware. Ransomware attacks by encrypting all the data on an infected device so it can’t be used unless a ransom is paid to get the decryption key.
Spear phishing attacks are being used to distribute this ransomware, and it is mainly the opening of malicious document attachments that are the conduit, as well as PowerShell, bat-files, and Exploit kits.
The malware uses a Microsoft vulnerability to inject itself into executable memory.
AppleJeus Cryptocurrency Malware
The AppleJeus malware is a malicious software that presents itself as a cryptocurrency trading platform. This form of malware is particularly dangerous because it can attack both Windows and Mac operating systems.
It is generally distributed through phishing websites, phishing emails, and social networking.
TA505
The TA505 malware is a financially motivated threat. It’s been more prevalent in Canada, but is also widespread in the U.S.
This malware can change the tools it uses, switching between both SDBbot and Clop ransomware. It installs a backdoor in an infected device that allows the hacker to gain control of it.
Common Services are Being Targeted
Hackers have been targeting some of the everyday, common services that people use regularly to connect to their business tools and data.
Because they get so much use, hackers have a better chance of catching someone slipping up and not taking all the safety protocols that they need to.
Two of these everyday services seeing increasing numbers of attacks are:
- Remote Desktop Protocol (RDP)
- Virtual Private Network (VPN)
Criminal Elements Are Turning Malware into a Service industry
One of the reasons for the increased volume of attacks in 2020, is that cybercriminal gangs are turning attacks into a service industry, making it easier for new criminals to make money off of ransomware, credential theft, and other types of attacks.
With any business, efficiency is a goal, and unfortunately the same is true of cyberattacks. For example, criminal enterprises have made certain types of ransomware attacks more efficient, so that attacks that used to take days or weeks, now take just hours to complete.
Previous Non-Malicious Software is Being Weaponized
Another trend that Sophos found was that software that used to be considered an annoyance, such as adware, but not particularly dangerous is now being hijacked and made to execute more malicious activities.
This type of program is now becoming indistinguishable from other forms of malware and doing much more damage than it had in the past. It’s also being used as a type of “content distribution network” for different types of malware.
Basic Cybersecurity Practices Are Still Not Being Followed
The Sophos report found that the most damaging attacks of 2020 were due to lack of attention to basic cybersecurity best practices. Poorly trained teams or businesses that aren’t working with an IT professional to ensure their network is protected, often end up suffering a major attack.
Some of the cybersecurity basics that companies need to adhere to include:
- Keeping devices updated
- Using antivirus/anti-malware
- Email filtering
- DNS filtering
- Password & access security
- Endpoint device management
- Network monitoring
- Backup and recovery strategy
Mobile Malware is Becoming More Prevalent
App store owners are finding it harder to detect and remove malicious mobile apps. Mobile malware has been on the rise along with mobile use. Mobile devices now make up about 60% of the devices on a business network.
Users are less suspicious of the mobile apps they download than they are of strange looking emails in their inbox, which makes it easier for hackers to fool them into installing a malicious app on their device.
Get a Cybersecurity Assessment to Identify Vulnerabilities
Is your company fully prepared for emerging threats? Leverage IT Group can ensure your DFW business is secure with a vulnerability assessment.
Contact us today to schedule a free consultation. Call (469) 458-0559 or reach us online.