© 2019 SourceMedia. All rights reserved.

Hackers reaping greater rewards with hybrid cyber attacks

For as little as five dollars, cybercriminals can purchase DDoS services that can be used as part of larger hybrid attacks.

A DDoS attack may be unleashed by a hacker to test an organization’s network security, to function as a smokescreen distraction or to locate a backdoor for exfiltration. Due to the dark web opening up ‘DDoS for hire’ services and shops, DDoS attacks are increasing both in popularity and scale.

Hybrid attacks can then cause more damage than just taking an organization offline, infecting it with malware or ransomware, for example.

One common practice for cybercriminals is to use a round of DDoS attacks to determine whether or not an enterprise is an easy target. Most of the time, attackers simply do not want to waste time or money attempting to infiltrate an enterprise that has iron-clad security defenses; launching one round of DDoS attacks is enough to showcase how hard or soft an enterprise’s cybersecurity is.

If attackers have an easy time penetrating cybersecurity defenses, a second round of attacks, whether DDoS, malware or ransomware, may be launched to shift organizational focus to mitigating it. This distraction buys cybercriminals time to access the network through the backend and inflict further damage to the organization, costing small and midsized businesses an average of $2,235,000 per year.

We should therefore be aware of fleeting DDoS attacks as they could be a prelude to a larger hybrid attack. According to Infosec Global, cybercriminals are shifting from large scale, monster attacks to smaller, targeted, short burst hits like these—an approach that will likely continue with ferocity into 2019.

hybrid hacks.jpg
A stream of binary coding, text or computer processor instructions, is seen displayed on a laptop computer screen as a man works to enter data on the computer keyboard in this arranged photograph in London, U.K., on Wednesday, Dec. 23, 2015. The U.K.s biggest banks fear cyber attacks more than regulation, faltering economic growth and other potential risks, and are concerned that a hack could be so catastrophic that it could lead to a state rescue, according to a survey. Photographer: Chris Ratcliffe/Bloomberg

Beyond network security, companies must also account for potential vulnerabilities with IoT devices, particularly those that are low cost and low security. These vulnerable IoT devices are readily available and often have not undergone thorough security checks.

It is critical for companies to analyze the IoT devices they purchase and determine whether the devices can be used to infiltrate a company’s network and confidential information. IoT devices that can be easily compromised give hackers access to launch hybrid attacks internally.

Simple security steps every company should follow

Creating a two-tiered network security approach is beneficial for companies looking to toughen their security. The first tier is focused on perimeter security—how can we ward off initial threats before they get access to our network? The second tier of security targets threats that have already infiltrated the network.

Companies must have guidelines on how to fight threats from within their network as cybercriminals grow more sophisticated.

It is recommended that companies compose a business continuity and disaster recovery plan that encompasses every area of the organization—including public relations, sales, finance, marketing, procurement, human resources, etc.

To be effective, the plan must describe the overall business continuity response management structure, identify specific roles and responsibilities, designate coordination and communication between entities, and describe a general concept of operations for efficiently and effectively addressing the life cycle of an incident.

Companies must also audit their digital platforms as often as they change them. Every update, whether to the website or to operations, has the potential to create a vulnerability. The best practice is to hold weekly audits, however, companies that make frequent changes should consider daily audits.

Cybercrimes grace headlines every day, yet 81 percent of data breach victims do not have the ability to detect breaches internally. Companies are well-aware of the devastation cyberattacks can cause and without investing in hard network security, they remain vulnerable to hybrid attacks. In the 197 days it takes for them to naturally detect a breach, cybercriminals gain access to a wide variety of sensitive materials and have ample time to inflict damage.

For reprint and licensing requests for this article, click here.