There has been an increase in social engineering cyber attacks over the past year, reflecting the change in cyber criminal behaviour as they look to capitalise on the disruption brought about by the COVID-19 pandemic.
This is a growing concern for organisations in APAC, given that more than half of organisations surveyed in Crowdstrike’s 2021 Global Threat Report experienced a rise in data extortion attempts during the pandemic as cyber criminals coordinated larger-scale attacks in a more organised manner, rather than exploiting flaws found in cybersecurity systems.
Joey Lim, Country Manager for Singapore at Exclusive Networks shared that state-sponsored attacks are targeting high-value organisations – including healthcare institutions – aimed to seize data for financial gains particularly affected South and Southeast Asia.
“As the region continues to battle against the pandemic, and as vaccine programs continue to be rolled out, this trend is expected to extend well into 2021,” Lim adds.
What are social engineering attacks?
Social engineering attacks aim to exploit the weakness of human psychology by manipulating its victims with their natural inclinations to trust others and give out confidential information.
Based on INTERPOL’s report on key cyberthreat trends in ASEAN, phishing – a method of tricking victims into sharing confidential information by impersonating legitimate businesses – is one of the prominent trends in 2020.
Lim links these increasing attacks to cyber criminals taking advantage of the economic downturn and people’s fear and uncertainty surrounding the pandemic by tweaking their social engineering tactics to include COVID-19 related themes.
Some of the means of attack that Lim has noticed are:
Cyber criminals employ targeted approaches such as spear-phishing, where cyber criminals rely on stolen identities of victims to create authentic-looking emails that trick recipients.
“The information used to profile their victims can be found easily online by scraping social media for data such as personal particulars, location, and business activities. For example, updates on job statuses can be found on LinkedIn and used to impersonate a senior executive to target unsuspecting new employees in a company with scams,” said Lim.
- Increased online dependency
As consumers become increasingly accustomed to interacting online, cyber criminals in turn adapt their tactics to exploit the evolving situation. This could be in the form of hackers using fake QR codes in brand phishing attacks to lead them to fraudulent websites, capitalising on businesses who engage their consumers with QR codes.
- AI and machine learning
Cyber criminals utilise advanced technologies such as AI and machine learning to automate cyber attacks, using them for web scraping and hacking. They are also used to engage their targets using speech synthesis or deepfakes to impersonate influential figures and trick unwitting victims into giving up confidential information.
How to stop social engineering attacks
Although social engineering attacks targets individuals, companies should also be aware of its threat given the COVID-19 outbreak. Following an article from the Harvard Business Review, remote workers are feeling increasingly isolated and restless, leading cyber criminals to take advantage of their vulnerability to create customised scams.
The rapid shift to digital has also worsened this problem for IT professionals as employees working remotely connect their personal devices to home servers instead of company-approved ones.
“These devices could become potential entry points for unwanted intrusion, exposing personal and confidential data on the network and putting companies at risk,” said Lim.
“Large and distributed network on cloud-based unsecure access points provide hackers with a gateway to other areas downstream, allowing them to quickly infiltrate entire networks at scale.”
To prevent these attacks Lim advises companies to employ integrated solutions which provide end-to-end protection that secure their remote and on-premise workforce at scale, and to use Security Orchestration, Automation, and Response (SOAR) tools that leverage artificial intelligence and machine learning to predict, detect and contain threats, helping them stay one step ahead of modern-day attacks.
Other efforts include educating and encouraging employees to observe and implement basic cyber hygiene by not clicking and opening every e-mail and attachments that are sent to them, changing passwords regularly, as well as ensuring that remote workers use only company-regulated hardware only, instead of their personal laptops or phones.
Individuals should also exercise vigilance when on social media as hackers can use the information to profile their victims.
“The seemingly innocent posts on birthday celebrations, or even home office setups photos during lockdowns could expose users and put themselves and their organisations at risk,” Lim adds.
“Thus, it is important that individuals watch out and check what they are posting, especially with regard to photographs taken in the workplace which may include documents strewn on the desk or information on the computer screen that reveal personally identifiable information.”