Ransomware Armageddon

The least surprising headline from 2023 is that ransomware again set new records for the number of incidents and the damage inflicted.  There were new headlines every week, which included big-name organizations:  MGM, Johnson Controls, Clorox, Hanes Brands, Caesars Palace, and so many others.

Phishing-driven ransomware is the cyber threat that looms larger and more dangerous than all others.  CISA and Cisco report that 90% of data breaches are the result of phishing attacks, with monetary losses that exceed $10 billion in total.  A report from Splunk revealed that 96 percent of companies fell victim to at least one phishing attack in the last 12 months and 83 percent suffered two or more.[1]

See:  https://redskyalliance.org/xindustry/impersonation-at-the-top-of-phishing-attack-plans

Cybersecurity professionals have seen incredible advances in defenses in the past 20 years.  The one thing that has not advanced is humans.  Users in every organization are not much more advanced at stopping cyber-attacks than they were two decades ago.  This is why phishing is so effective for cybercriminals: it exploits human weaknesses, not technology.  That leaves legacy MFA as the most critical defense mechanism.  Most companies are using legacy MFA technology that is over 20 years old.

With the rise of Generative Artificial Intelligence (GenAI), cybercriminals are able to take phishing to an entirely new level where every attack can become nearly impossible for users to identify, and attackers will now be able to do this with little effort.  Read on to find out why, and what you can do about it.  Phishing uses deceptive communications (emails, text messages, and voice messages) to trick users into revealing sensitive information, including login credentials, passwords, one-time passwords, and personal information, and into clicking on phony approval messages.

Cybercriminal gangs are learning to use the incredible power of GenAI tools like fraud-versions of ChatGPT to create more persuasive, convincing, and realistic phishing messages.  This highly personalized and context-aware text is practically indiscernible from normal human communication. This makes it extremely challenging for recipients to tell the difference between genuine and fake messages. LLMs also allow almost anyone, not just the hacking pros, to launch phishing attacks.

Traditional anti-phishing solutions are not effective at detecting the latest phishing messages created by GenAI.  GenAI content lacks telltale signs of phishing, like misspellings or generic language.  Phishing detection tools rely on pattern recognition and known indicators of phishing that will no longer be present.  Perhaps more worrisome, GenAI tools are enabling cybercriminals to conduct highly targeted phishing campaigns on a massive scale.  Threat actors can now automate the generation of a virtually unlimited number of custom-tailored phishing messages for a wide range of victims.

The explosion of GenAI-powered phishing attacks raises a big question: will we ever be able to spot super realistic fakes?  Are we losing the fight against phishing?  This question is leading many companies to reexamine their anti-phishing tactics.  To fight phishing attacks head-on, they must upgrade the primary targets of phishing, credentials and legacy MFA, by going passwordless to eliminate reliance on traditional credentials and by implementing next-generation MFA to replace the 20-year-old technology of legacy MFA.

Innovative companies are moving away from username and password to passwordless authentication. Yet these solutions, while a giant leap forward, also have limitations.  A lost, stolen, or compromised device that is not biometric can be used to gain unauthorized access, and mobile phones and other BYOD devices are out of the control of the organization and are susceptible to all types of malware being downloaded by the user.

For these reasons and others, security-first companies are making the decision to move to next-generation multi-factor authentication.  Next-generation MFA replaces traditional credentials, password-based authentication, and inconvenient and vulnerable legacy MFA solutions.  The next-generation MFA paradigm relies on a physical, wearable FIDO2-compliant device that eliminates the human factor in phishing, making it virtually phishing-proof.  These cutting-edge biometric wearables also protect organizations against BYOD vulnerabilities, lost and stolen credentials, weak passwords, credential stuffing, MFA prompt bombing, and easily stolen SMS one-time passcodes.

Unlike traditional MFA, attackers simply cannot bypass next-gen MFA with malware, MFA fatigue attacks, adversary-in-the-middle (AiTM) attacks, and other methods.  Since the authenticator always remains with the user, wearable next-gen MFA tokens are constantly safe and immediately available for authentication.  Only the authorized user can use the device, and no attacker can access the secrets, keys, and biometrics stored on it.

GenAI is powering the coming tsunami of phishing attacks that are effectively nullifying traditional phishing defenses and obsoleting legacy MFA.  Wearable, next-generation MFA devices like Token Ring stop the most sophisticated phishing attacks and are the best defense against the coming phishing Armageddon.

This article is presented at no charge for educational and informational purposes only.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization.  Call for assistance.  For questions, comments, a demo or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com   

 

Weekly Cyber Intelligence Briefings:

 

Reporting: https://www.redskyalliance.org/

Website: https://www.redskyalliance.com/

LinkedIn: https://www.linkedin.com/company/64265941

REDSHORTS - Weekly Cyber Intelligence Briefings

https://attendee.gotowebinar.com/register/5993554863383553632

 

 

[1] https://thehackernews.com/2024/01/there-is-ransomware-armageddon-coming.html
