On August 3, 2022, the popular developer platform GitHub was hit by a large-scale malware attack with more than 35,000 "code hits" in one day. Interestingly, more than 8,000 Solana wallets, an in-demand mobile app that works with a variety of cryptocurrencies and blockchain wallets, were compromised the same day.
This is obviously a global issue as Taiwan has recently urged businesses in the country to strengthen their cybersecurity in preparation for a potential cyberattack from China as tensions rise there.
Meanwhile, the global cost of cyberattacks is expected to grow by 15% per year and is expected to reach over $10 trillion.
Such cyberattacks are becoming commonplace in Cambodia
As far as cyberattacks go, there have been several documented internet scams and crimes in Cambodia over the years. As a result of these schemes, there have been instances of phishing scams, bonnets (DDoS and APT attacks), and the loss of social network accounts.
Recently, the Cambodia’s Ministry of Post and Telecommunications put out a statement saying that it was concerned about cyberattacks in the Kingdom and urging businesses to be more careful to stop the rise of hacking attacks on the private sector.
Common Types of Cyberattacks
Even though there are thousands of different types of cyberattacks that are known, here are some of the most common ones that organizations face every day:
Ransomware encrypts user files to prohibit access and demand a ransom. Once infected, files are irreversibly encrypted, and the victim must pay a ransom or use backups to restore them.
Ransomware is one of the most common sorts of attacks, with some threatening to release sensitive data if the target doesn't pay. In many cases, paying the ransom doesn't always recover the user's data.
Malware comes in many forms, and ransomware is just one of them. Malware can steal information, deface or change web content, and damage a computer system.
The landscape of malware changes very quickly, but the most common types are:
- Banking trojans— steal financial and login credentials from banking websites
- Cryptominers— use the target's computer to mine cryptocurrency
- Mobile Malware— apps or SMS are used to target devices
- Infostealers— gather sensitive data from the target's computer
- Rootkits— provide the attacker with unrestricted access to a device's operating system
- Botnet Malware— adds compromised computers to a botnet, letting criminals utilize them for their own purposes
3. DoS and DDoS Attacks
DoS (Denial-of-service) attacks overwhelm the target system so it can't respond to queries. Meanwhile, DDoS (Distributed denial-of-service) attacks include several hosts. The target site is bombarded with fraudulent service requests and denies real users. Because of request saturation, servers utilize all available resources.
These attacks don't give the attacker access to or benefit from the target system. They're used to sabotage or distract security teams while attackers launch other attacks.
As mentioned earlier in the post, Taiwan Presidential Office acknowledged the DDoS attack on the office, stating that the attack consisted of 200 times more website traffic than normal. The office is working closely with other agencies to boost cybersecurity as tensions with China escalate.
4. Phishing and Social Engineering Attacks
Over 90% of cyberattacks use social engineering, which relies on human interaction. Impersonating a trusted person or entity to deceive people into giving sensitive information, transferring payments, or providing access to systems or networks.
Phishing occurs when a malicious attacker obtains sensitive information from a victim and delivers a message that looks legitimate. "Phishing" refers to attackers "fishing" for sensitive information by using an emotional bait and a trusted identity.
5. MitM Attacks
MitM (Man-in-the-Middle) attacks allow attackers to intercept network, computer, or user data. The attacker is in the "middle" of two parties and can intrude on their communication. Messages can also be modified by the attacker before being sent to the intended recipient.
6. Fileless Attacks
Fileless attacks are a new type of malware that uses pre-installed apps. Fileless attacks leverage already installed, harmless software and are undetectable by older antivirus tools.
Fileless malware can be activated by user actions or by exploiting operating system vulnerabilities. Fileless malware stays in RAM and uses native operating system tools like PowerShell and WMI to inject harmful code.
Because a trusted application on a privileged system can perform system operations on multiple endpoints, they are ideal targets for fileless malware attacks.
Cyberthreats are growing worldwide, and businesses everywhere must be prepared
Cybercrime has evolved to take advantage of technological advancements that are undermining traditional corporate security measures. To mitigate risk, the current cyberattack is multi-vectored and uses polymorphic code. The detection of threats is becoming more difficult. Cybercriminals frequently target the end point of remote work.
The traditional security perimeter no longer works in the world of remote work. Employees can connect to the company network from a wide range of places and devices. If this environment isn't managed and controlled, it's a data security nightmare.
First of all, this is because endpoints are a common way for cyberattackers to get into a system. They use methods like phishing and malware to get into an end device and then sneak into corporate networks and applications to steal sensitive data.
Second, if an organization doesn't have endpoint protection, it will lose control over where sensitive data is stored and how it is shared. This is not only bad for compliance, but it also puts sensitive data at risk of a breach if a device is lost, stolen, or hacked.
Preventing an attack is preferable to dealing with its aftermath
Softline is currently a strategic partner of Microsoft, Cloudflare, and many other technology companies, specializing in providing digital solutions for Modern Workplace, Security, and Cloud to help businesses successfully digitally transform and deploy up-to-date security solutions.
Many businesses have successfully built security systems by applying tools from Microsoft, a Softline's partner, and by Softline themselves such as Microsoft Defender for Business, Microsoft 365 Lighthouse, and Softline Managed Protection:
- Microsoft Defender for Business - deliver the ultimate user experience with complete endpoint security features that help businesses respond swiftly to cybersecurity threats, save time and money, and focus on key values.
- Microsoft 365 Lighthouse - one of the primary technologies that helps Softline swiftly identify and respond to threats, unusual activity, and device compliance warnings, allowing Softline to proactively manage risk and improve the security for customers.
- Softline Managed Protection - a security service package designed by Softline for SMBs utilizing Microsoft 365 Business Premium to help businesses enhance investment efficiency with Microsoft 365 solutions and comprehensive system security with Softline experts.
Contact Softline to get support and advice on modern security solutions.
E: info.vn@ softline.com.kh
T: +855 23 99 00 39