
As I scour the news headlines every morning to see what is happening in the world of Cybersecurity, it seems like one of the common threads is that of what 2020 is going to look like.  Is it too early to forecast this?  Well, not really.  We will soon be approaching the midpoint of November, and then a month away, we are into the New Year.  But as the ball drops down in Times Square, don’t expect things to magically change overnight.

This simply means: do not expect Cyberattacks to simply stop, or expect something cataclysmic right at 12:01 AM (whatever time zone you are in).  Remember, the Cyberattacker is now taking their own sweet time to profile their unsuspecting victims and trying to find a way to break in the most covert way possible.  They want to stay inside their intended victims' systems for a very long time, so that they can access PII or other digital valuables in small bits.

But as 2020 goes on, I am quite fearful that something bad is really going to happen.  Of course, nobody knows this for sure, but based upon what I have been reading about and what the experts are saying, it seems like conditions will soon be ripe for something maybe even worse than 9/11 to happen.  What I am talking about is a huge attack on Critical Infrastructure hitting U.S. cities all at once.

Remember that 9/11, as horrible as it was and still continues to be, was largely a physical attack.  The perpetrators were identified by the FBI pretty much the next day, and there were telltale clues that the hijackers left behind.

But unfortunately, nobody picked up on these readily.  For example, I even remember watching news clips as to how the flight instructors where the hijackers received their training felt that their behaviors were rather abnormal and erratic.

If this was the case, how come they never reported it?  If it was, how come it was never followed up by law enforcement?  But with Cyberattackers, we are dealing with people and even groups of people whose identity we do not even know.  And even if they could be discovered, it would probably take weeks, months, or maybe even years.  Also keep in mind that Cyberattackers are not home grown here in the United States.

They are more than likely operating thousands of miles away, in some remote and desolate area, or perhaps even a large metropolitan center.  It is also important to remember that the Cyberattacker of today could even very well be colluding with other Cyberattack groups in other nations as well. 

In other words, gone are the days of the physical infrastructure attacks that we saw on 9/11.  This is all now going to be done in the virtual world, which makes it even that much more difficult to track down the perpetrators.

But in the meantime, as 2020 ushers in, the same type of threat vectors that the Cyberattackers have used will still be continued – the only difference is that there will be newer variants of them, which are even more sophisticated, and stealthier.  The best example of this is Phishing.  In my view, it is probably the oldest form of Cyberattack, and it is still being used, quite surprisingly, with great success, as even more victims fall for it.

In fact, just in 2019 alone there was an increase of 250% in Phishing related attacks.  A large part of this is that Ransomware is being used and is growing more powerful in nature.  In fact, not even a day goes by when you do not see at least one headline about a Ransomware Attack that took place.  In this regard, it appears that the Cyberattacker is now favoring government agencies as their target, where the levels of security are traditionally weaker than those of the private sector.

But, as I had written about in yesterday’s blog, a lot of Phishing scams are now taking place through Social Engineering tactics, especially those making use of Robocalls.  But apart from this, what other forms of newer, electronic tactics is the Cyberattacker engaging in to launch their Phishing attacks?  Here is a breakdown:

*HTML Character Coding:

In this case, the HTML source code that is used to create the design and layout of the Phishing Email is displayed correctly in most browsers, including those that are used on the iOS and Android platforms.  But in that source, the Cyberattackers write the very keywords that most Antispyware/Antimalware applications look for when flagging potential Phishing Emails as HTML character codes, so the words render normally for the reader but do not appear as plain text to the filter.
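A defensive check for this tactic, as an added example that is not part of the original post: decode the HTML to the text a reader would see before matching keywords, and count numeric character references that spell ordinary ASCII letters, which is itself a signal. The keyword list and the sample body are constructed assumptions.

```python
import re
from html.parser import HTMLParser

# Hypothetical watch list (an assumption; a real filter has its own).
KEYWORDS = ("verify your account", "password", "suspended")
# Numeric character references such as &#101; or &#x6F;
NUMERIC_REF = re.compile(r"&#(?:[xX]([0-9a-fA-F]+)|([0-9]+));?")
# Constructed sample body, not taken from a real message.
SAMPLE = ("<p>Please v&#101;rify your acc&#x6F;unt: your "
          "p&#97;ssword is susp&#101;nded.</p>")

class RenderedText(HTMLParser):
    """Collects the text a mail client would display, references decoded."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.parts, self.hidden = [], 0   # hidden = depth inside script/style

    def handle_starttag(self, tag, attrs):
        self.hidden += tag in ("script", "style")

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self.hidden:
            self.hidden -= 1

    def handle_data(self, data):
        if not self.hidden:
            self.parts.append(data)

def rendered_text(source):
    parser = RenderedText()
    parser.feed(source)
    parser.close()
    return re.sub(r"\s+", " ", "".join(parser.parts)).strip().lower()

def encoded_ascii_refs(source):
    """Count numeric references that spell plain ASCII letters or digits."""
    codes = (int(h, 16) if h else int(d) for h, d in NUMERIC_REF.findall(source))
    return sum(1 for c in codes if c < 128 and chr(c).isalnum())

def scan(source):
    text = rendered_text(source)
    return {
        "raw_hits": [k for k in KEYWORDS if k in source.lower()],
        "rendered_hits": [k for k in KEYWORDS if k in text],
        "encoded_ascii_refs": encoded_ascii_refs(source),
    }

if __name__ == "__main__":
    print(scan(SAMPLE))
```

A keyword that matches only in the rendered text, together with a non-zero count of encoded ASCII letters, is a stronger indicator than either result alone.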

*Encryption of the Content:

The Cyberattacker of today is now using high levels of Encryption in order to garble the content of the Phishing Email.  This avoids detection by even the most sophisticated of network security solutions.

*Inspection Blocking:

Once the TCP/IP Address of the Cyberattacker has been determined, it is automatically “blacklisted” by the Internet Service Provider (ISP) that is providing the Email services to the client.  This is an attempt to prevent other Phishing Emails coming from that particular source.  But keep in mind, there is almost an infinite amount of TCP/IP Addresses.  So, once the Cyberattacker has delivered one round of Phishing Emails from one address, they simply move onto the next one, thus making them even harder to locate and pin down.

*Covert locations of the Malicious Links:

Traditionally, these have been located within the content of the Phishing Email message itself.  But in response to this, the Antispyware/Antimalware applications have become much better at detecting this.  As a result, the Cyberattacker is now hiding these malicious links in the attachment itself, in order to avoid detection.  This new tactic has been one primary reason for the increase in the overall number of Phishing Attacks taking place.
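To show why a body-only scan misses these links, here is an added example (not from the original post) that walks every MIME part of a message and reports URLs that appear only in attachments. The message, addresses and file name are constructed, and the URL pattern is a simplifying assumption.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

URL = re.compile(r"https?://[^\s\"'<>)]+", re.IGNORECASE)

def urls_by_part(raw_bytes):
    """Return (urls in the displayed body, {attachment name: urls})."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    body, attached = set(), {}
    for part in msg.walk():
        if part.is_multipart():
            continue
        payload = part.get_payload(decode=True) or b""   # undoes base64/QP
        charset = part.get_content_charset() or "utf-8"
        try:
            text = payload.decode(charset, errors="replace")
        except LookupError:                               # unknown charset label
            text = payload.decode("latin-1")
        found = set(URL.findall(text))
        if part.is_attachment():
            name = part.get_filename() or "(unnamed)"
            attached.setdefault(name, set()).update(found)
        else:
            body |= found
    return body, attached

def attachment_only_urls(raw_bytes):
    """URLs a body-only scanner would never see, grouped by attachment."""
    body, attached = urls_by_part(raw_bytes)
    return {n: sorted(u - body) for n, u in attached.items() if u - body}

def build_sample():
    """Constructed message: one link in the body, another in an attachment."""
    msg = EmailMessage()
    msg["Subject"] = "Invoice"
    msg["From"] = "billing@example.com"
    msg["To"] = "user@example.org"
    msg.set_content("Your invoice is attached. Help: https://example.com/help")
    msg.add_attachment(
        "<html><a href='http://login.example.net/reset'>Open</a></html>",
        subtype="html", filename="invoice.html")
    return msg.as_bytes()

if __name__ == "__main__":
    print(attachment_only_urls(build_sample()))
```

This reads text-like attachments only; PDF or Office files have to be unpacked with a format-aware parser before their links can be extracted.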

*Content Injection:

Another tactic that the Cyberattacker has started to use is to create websites that look so real and authentic that it is almost impossible to tell if they are spoofed or not.  Heck, there are even a few times that I have almost got suckered in, but luckily, did not.  So, in this regard, the Cyberattacker is actually using legitimate links in order to repoint the unsuspecting victims to these spoofed, but almost realistic looking websites.

My Thoughts On This

There you have it, what the Cyberattacker is using now, and will most likely use in 2020 to launch their Phishing Attack vectors.  I could go through a huge laundry list of what you can do to protect yourself from this, but this is something that can also be very easily done by doing a basic Google search.  So, there is no need to repeat the obvious once again.

In fact, as a shameless plug in, I just launched my 4th Quarter Cybersecurity Newsletter last month.  It is all about Phishing.  The link to where you can subscribe to it is right here:

www.gemini-ibd.com

But I will add an extra piece here.  There is one thing that a Cyberattacker cannot break into:  That is our gut feeling, or instinct.  The bottom line is that if it doesn’t feel right, just delete the message, do not download the attachment, or even click on the link.  That is probably your best bet.  Use this line of defense to your advantage as we approach the Holiday shopping season, as you receive that flood of enticing Email messages.