4 in 5 ransomware attacks include threats beyond data encryption and are now focusing on emotional manipulation, according to CyberEdge Group’s Cyberthreat Defense Report (CDR). A cybersecurity awareness expert with a background in psychology offers his tips on what to do if you believe you are being targeted by a cyberattack
Most freelancers are remote workers that are increasingly feeling burned out. However, if more remote workers like freelancers are burning out from less sleep, long working hours without breaks and daily deadlines, they could become more vulnerable to a ransomware attack.
That’s because cybercriminals are using psychology and career profiling to mislead online users and steal their personal information, according to Dr Niklas Hellemann, CEO at SoSafe, a cybersecurity awareness provider.
In 2022, 82% of all breaches involved ‘the human element’. For example, ‘vishing’, emotional manipulation, ‘deep fakes’, and phishing emails.
“As cybercriminals are finding new ways to attack online users, especially as technology improves, it is extremely important to be aware of the up-to-date attacks that will most likely evolve through 2023,” says Hellmann, who is currently hiring at his firm.
“Whilst it is important for everyday users to be aware of potential scams, it is also just as important for larger organisations, for which – in some cases existence-threatening – financial damage is at stake,” he says.
Cybercriminals see burnout amongst remote workers and security teams as a vulnerable target opportunity. Employees are stressed due to a continuously changing, uncertain and difficult situation- particularly regarding our economy. This makes them vulnerable to emotional manipulation.
Dr Niklas Hellemann, CEO at SoSafe
Cybersecurity predictions for 2023
Dr Hellemann highlights the latest tricks of cybercriminals and what to do if you believe you are being targeted by a cyberattack:
#1 – Emotional manipulation
One of the most popular weapons of choice for cybercriminals is using emotional manipulation which is set to rise even further in 2023.
While technical setups change, cybercriminals can always exploit our human emotions to open a door into our systems. Emotions Like greed, curiosity, urgency, helpfulness and fear naturally trigger us and certain behaviours, tricking potential victims into either providing certain information, opening compromised files or making a payment on time for example.
SoSafe data showed that with an apparent willingness to help, cybercriminals tempted more than a third (37%) of recipients to click on malicious content in 2022 – with praise and flattery this rose to 41% clicking on the content.
If you feel any emotional pressure from receiving an email or text message from an organisation or person, always try to verify provided information or requested action before actioning anything.
#2 – ‘Vishing’
‘Vishing’ which stands of ‘voice phishing’ is already being used as a deep fake technology to successfully trick employees into believing they’re talking with members of their own organisations.
As part of a vishing attack, someone will receive a phone call or voice message from someone pretending to be from a reputable company or someone you know. This is to induce individuals to reveal personal information, like bank details and credit card numbers.
Unfortunately, as the quality of deep fake and vishing technology improves and becomes easier to produce, cybercriminals are very likely to be able to conduct successful, more believable attacks this year.
Originally prank calls were viewed as a bit of harmless fun, however, cybercriminals have now realised deep fakes can be used for social engineering attacks as an opportunity to maximise profits.
Genuine institutions or financial organisations will never ask for personal or financial details over the phone. Therefore, it is important to never provide these and rather verify the requested action via other channels – especially if you feel pressured by the request.
#3 – Targeting burnout amongst remote workers
Cybercriminals see burnout amongst remote workers and security teams as a vulnerable target opportunity. Employees are stressed due to a continuously changing, uncertain and difficult situation- particularly regarding our economy. This makes them vulnerable to emotional manipulation.
At the same time, security teams are confronted with increasing complexity. To name one development, the ongoing shift towards hybrid and remote work creates new weaknesses in an organisation’s security that security specialists need to take care of. With a general increase in attacks, security teams are reaching capacity and suffering from burnout too- leading to more security threats.
As a result, the phishing strategy that increased the most in success last year was exerting authority and pressure on its targets – this tactic’s success rate increased by more than 10%.
Therefore, going into 2023 businesses should try to ensure they provide employees with the right security tools and skills to protect their data no matter where they work.
#4 – One-time ransomware extortion attempts will be a thing of the past
Cybercriminals in 2023 will use clever psychological tactics in their extortion, and compound them with further attacks. This is known as Multiple Extortion.
They tend to follow up on their initial theft, encryption, and ransom of sensitive data- with the threat of releasing these data if the ransom isn‘t paid.
This is done using methods such as DDoS attacks, crypto mining, or bot networks until their demands are met.
Compound ransomware attacks will attempt to extort higher value sums from organisations, increasing the risk of damage.
#5- Supply chain attacks
Supply chain attacks peaked in 2022 and are likely to continue in 2023.
This is because cybercriminals are improving at exploiting their victims’ partner and supplier networks.
This is normally down to security flaws in the supply chain. For example, as a result of the software used by partners or suppliers.
An example of a supply chain attack in 2022 was the hack of the authentication services provider Okta, whose network was hacked by the Lapsus$ group. Okta’s customer information was accessed through Sitel, a company subcontracted to provide customer service functions for Okta. This allegedly impacted more than 15 thousand customers.
Therefore, organisations need to be aware that they don’t only need to take care of their own security strategies. Their security is also dependent on their suppliers. Therefore, organisations need to carefully evaluate security competencies when choosing a new partner.