Octo Tempest has gradually stepped up from data theft, to data extortion, and now to ransomware as of this summer (becoming an affiliate of the ALPHV/BlackCat group). The cybercriminals are entirely financially motivated and nearly always leads with either a phishing email/message or a social engineering call. It also looks to execute SIM swap attacks.
Most ransomware attacks begin with some combination of phishing and social engineering. An enterprising ransomware gang in Nigeria appears to be skipping this messy step, simply making a direct pitch to employees to join in on the attack.
The data breach took place at the BWI Airport Marriott near Baltimore. A social engineering attack was executed on a member of the hotel staff, who unwittingly granted access.
As more recipients get wise to the usual phishing tactics, attackers are adopting another strategy: pretexting. Protecting an organization against pretexting attacks requires a layered approach that includes preventing attack messages from reaching employees, and making employees aware of how pretexting works.
Whatever new technologies are adopted, social engineering will evolve in parallel and find work arounds. Even as these security defenses mature, it will always be easier to hack a human than hack a system.
Business communication tools are indispensable in today’s distributed working environments, both for internal communication between team members and for external communication with customers. But their use has attracted the attention of attackers who successfully exploit their security weaknesses and tailor their attacks to specific communication platforms.
EA introduced new security measures to prevent account takeover attacks after hackers successfully breached high-profile players’ accounts via phishing and social engineering attacks.
Robinhood, the most popular app-based trading platform for non-professional investors, has confirmed that it suffered a data breach due to a social engineering attack last week that potentially compromised millions of accounts.”
BadUSB attacks have proliferated in the last year for a simple reason — they work as long as curiosity is part of human nature. The impact of BadUSB is tantamount to allowing an unknown hacker to sit at an employee’s unlocked computer and directly attack the network from the inside.
The annual Verizon DBIR provides further confirmation that attackers are showing a renewed interest in social engineering, particularly in conjunction with business email compromise (BEC) attacks. And the average financial damage of a ransomware attack has doubled and is almost certain to cost organizations at least $1 million to remediate.