Social engineering techniques are frequently used by criminally motivated threat actors to tailor phishing campaigns, spam emails and fraudulent scams. The psychology behind many of these techniques is to prey on human emotions and behaviour, the most exploitable of which are greed, curiosity, fear and the desire to help. The COVID-19 pandemic provided criminal actors with a unique opportunity to use lure content and social engineering techniques, according to cyber firm Crowdstrike in its threat report for 2021.
Company CEO and co-founder George Kurtz said: “We spent much of 2020 hoping that its unique challenges would quickly be consigned to history. Let’s hold onto that hope, but at the same time, we need to stay clear-eyed and resolute about the hurdles that lie ahead. I hope this report on recent global threat activity and trends helps you become better informed and better able to meet those challenges, so when we finally put this chapter of history behind us, we’ll be able to look back and reflect on not just our losses, but also a few victories.”
The company’s report covers how state-sponsored adversaries infiltrated networks to steal valuable data on vaccine research and government responses to the pandemic; and how criminal adversaries introduced new business models to expand their “big game hunting” ransomware activities – that is, going after high-value targets. While some hackers publicly announced intentions to avoid targeting frontline healthcare, some hospitals were targeted with ransomware, and the report notes that some hackers may have launched attacks against pharmaceutical and bio-medical companies instead.
The ransomware adversaries that proliferated in 2020 are as motivated as ever, evidenced by the introduction of increasingly damaging tactics, techniques and procedures (TTPs), according to the firm. Its report predicts that vaccination rollout plans will likely become a target of intelligence-gathering efforts by state-sponsored adversaries in 2021.
As for supply chain cyber attacks, they are nothing new, the firm points out. In addition to software-based attacks, such as the one that affected SolarWinds late last year, supply chain attacks can take the form of hardware or third-party compromises.
You can download the report at the Crowdstrike website. Visit https://www.crowdstrike.com/global-threat-report/.
