The good thing about hackers is they are non-discriminatory. Yes, everyone is included in their list of potential targets. If there is data to be had, from personal email addresses to bank account numbers, it could very well be marked as something of value to a cyber-criminal.
Hackers do not necessarily want the information for themselves. In many cases, stolen data is sold to other, more sophisticated operations on what is known as “the dark web”. Otherwise, the data may be held onto for future use in a larger hacking scheme. Some hackers just love the thrill and dump the gained info into a public space to cause a chaotic scene.
New Types of Hackers Are Appearing
As cybercrime has become more popular and advantageous, more people are getting into the game of hacking. Of course, highly skilled organizations of hackers still exist. Governments are also notorious for employing people with advanced hacking abilities.
However, less skilled beginners are entering the fray and making attempts at stealing information. This evolution has occurred due to the appearance of “teach yourself hacking” materials across darker corners of the web. With even startup hackers being given the opportunity to launch cyber-attacks, everyone should be vigilant to the new trends in hacking this year.
New Hackers Will Be Front and Center
The first trend arises from the new crop of hackers who employ the “hacking kits” described earlier. While underskilled and lacking experience, the easy-to-use tutorials could pose major problems for cybersecurity experts.
The scary truth is, these “as-a-service” tools, as Maya Horowitz, Director of Threat Intelligence and Research for Check Point Software, calls them, make an attack easier than ever. They are so easy that anyone with the ability to order these tools can do it without any tech or hacking knowledge.
These kits include cyber-attack options like malware, phishing, exploitation, and botnets. All someone must do is describe what their goal is and let the appropriate kit do the work.
At one point, an individual would at least have to know how to navigate the dark web. This is no longer the case as Horowitz points out, “These tools are available on the open web.” 2019 could be the year of the novice hacker, for sure.
Phishing Becomes More Effective and Target Specific
Hacking is likely to turn in a more targeted direction moving forward this year. This is a bit of a deviation from recent history, as attempts to gain mass quantities of data were the norm.
Phishing is a tactic that has been used since email was invented. Unfortunately, rather than becoming archaic, it is getting better over time. Simple phishing via email still dominates the hacking world, and it continues to prey on unsuspecting victims at companies across the globe.
However, a new element has been added to the phishing approach – social media. Profiles, posts, pictures, and other information can be cobbled together to give hackers enough intel to pull off sophisticated, targeted attacks on individuals.
The tailored attacks have been given a name “rose phishing.” This approach makes it possible for cyber-criminals to determine a victim and almost impossible for the individual to ignore or avoid the scam.
Amanda Fennell, Chief Security Officer at Relativity, points out how people who post specific information can be used to initiate an incredibly effective attack. She says that hackers value their time and are seeing a high return on their time with these targeted attacks. “You have a much higher probability” of success, she says.
There Is Security in Awareness
The knowledge that almost any email could be a phishing attempt certainly puts a damper on the overall cyber-security mood. It is more important than ever for individuals to be diligent when opening communications at home andat work.
Phishing used to be a mass attempt, typically at corporations, to infiltrate the network by preying on someone not paying attention. However, rose phishing has moved the needle toward individuals.
Hackers have determined that getting to the right person personally could grant them the same access they used to get by attempting a direct attack on a corporate network. Gone are the days when simply leaving suspicious work emails unopened was enough to protect yourself.
Awareness is the key to personal data security, now more than ever. Caution should be used when posting personal information on social media sites. Protect yourself by privatizing your accounts, getting a universally compatible Virtual Private Network, and be wary of unknown requests to join your social circle.
Like most crime, digital criminals are always looking for new ways to gain the upper hand. It is impossible to avoid every attack, but awareness can go a long way toward a more secure digital world.