Changes

Line 7: Line 7:  
In 1982, [[Ian Murphy]], aka Captain Zap, became the first person to be found guilty of a cybercrime, after hacking AT&T and manipulating its internal clock to enable free calls during peak hours.<ref>[https://smartermsp.com/tech-time-warp-curious-cases-early-hackers/]</ref> <br/>
 
In 1982, [[Ian Murphy]], aka Captain Zap, became the first person to be found guilty of a cybercrime, after hacking AT&T and manipulating its internal clock to enable free calls during peak hours.<ref>[https://smartermsp.com/tech-time-warp-curious-cases-early-hackers/]</ref> <br/>
 
'''First [[DNS Abuse Responses|Governmental Response to DNS Misuse]]'''<br/>
 
'''First [[DNS Abuse Responses|Governmental Response to DNS Misuse]]'''<br/>
On Nov. 2, 1988, [[Robert Tappan Morris]] released a worm that halted one-tenth of the Internet and led to the founding of the first Computer Emergency Response Team ([[CERT]]).<ref>[https://www.wired.com/2001/02/the-greatest-hacks-of-all-time/ The Greatest Hacks, Wired]</ref>
+
On Nov. 2, 1988, [[Robert Tappan Morris]] released a worm that halted one-tenth of the Internet and led to the founding of the first Computer Emergency Response Team ([[CERT]]).<ref>[https://www.wired.com/2001/02/the-greatest-hacks-of-all-time/ The Greatest Hacks, Wired]</ref> <br/>
'''First Time a Hacker Makes Most Wanted List'''
+
'''First Time a Hacker Makes Most Wanted List''' <br/>
In 1995, the FBI notifies the public that it really wanted to catch [[Kevin Mitnick]] for social engineering attacks and stealing sensitive government and personal financial data.<ref>https://www.mitnicksecurity.com/about-kevin-mitnick-mitnick-security About Kevin, Mitnick Security]</ref>
+
In 1995, the FBI notifies the public that it really wanted to catch [[Kevin Mitnick]] for social engineering attacks and stealing sensitive government and personal financial data.<ref>https://www.mitnicksecurity.com/about-kevin-mitnick-mitnick-security About Kevin, Mitnick Security]</ref><br/>
 
+
'''Expansion of Criminal Operations'''<br/>
 +
In 2019, [[Interisle]] conducted a study on Criminal Abuse of Domain Names Bulk Registration and Contact Information Access, which explained that cybercriminals take advantage of bulk registration services to launch attacks across many domain names and that ICANN’s [[Temporary Specification for gTLD Registration Data]] has had a detrimental effect on cybercrime investigations.<ref>[https://interisle.net/sub/CriminalDomainAbuse.pdf Criminal Domain Abuse, Interisle 2019]</ref>
 +
 
 
==2021 Cybercrime Reports==  
 
==2021 Cybercrime Reports==  
 
Current trends in cybercrime revolve around how the COVID-19 pandemic has shaped everyday work/home life and highlighted the importance of cyber networks in maintaining [[Cybersecurity and Infrastructure Security Agency|critical infrastructure]].  
 
Current trends in cybercrime revolve around how the COVID-19 pandemic has shaped everyday work/home life and highlighted the importance of cyber networks in maintaining [[Cybersecurity and Infrastructure Security Agency|critical infrastructure]].  
 +
* [[PurpleSec]]'s 2021 Cyber Attack Report<ref>[https://purplesec.us/resources/cyber-security-statistics/#SmallBusiness Cybersecurity Stats, PurpleSec]</ref> indicates that:
 +
# Receiving 38% of cyber attacks, the U.S. the number one victim of cybercrime
 +
# 92% of malware is delivered by email
 +
# 43% of cyber attacks target small businesses
 +
# 21% of Financial institutions suffered a [[Watering Hole Attack]] in 2020
 +
# 32% of financial institutions encountered [[Island Hopping]], which refers to attackers using one compromised organization to gain entry into another
 +
# 25% of all malware attacks hit financial industries, more than any other [[CISA|critical infrastructure sector]]
   −
* [[INTERPOL]]’s ASEAN Desk identified the top cyber threats as:<ref>[https://www.interpol.int/en/News-and-Events/News/2021/INTERPOL-report-charts-top-cyberthreats-in-Southeast-Asia INTERPOL ASEAN Desk]</ref>
+
* '''[[INTERPOL]]’s ASEAN Desk identified the top cyber threats''' as:<ref>[https://www.interpol.int/en/News-and-Events/News/2021/INTERPOL-report-charts-top-cyberthreats-in-Southeast-Asia INTERPOL ASEAN Desk]</ref>
 
# [[Business Email Compromise]], as a high-return investment with low cost and risk;
 
# [[Business Email Compromise]], as a high-return investment with low cost and risk;
 
# [[Phishing]], using COVID-19 jargon and misinformation to deceive unsuspecting victims;
 
# [[Phishing]], using COVID-19 jargon and misinformation to deceive unsuspecting victims;
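Review bot: The Mitnick reference on the added line is malformed: `<ref>https://www.mitnicksecurity.com/about-kevin-mitnick-mitnick-security About Kevin, Mitnick Security]</ref>` has a closing `]` but no opening `[`, so the link label will not render as intended. The edit only appends `<br/>` to that line, so the missing bracket is worth fixing in the same pass. In the new PurpleSec list, "the U.S. the number one victim of cybercrime" is missing its verb, and "the FBI notifies the public that it really wanted" mixes tenses.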
Line 23: Line 32:  
# [[Cryptojacking]], as the value of cryptocurrencies increases.
 
# [[Cryptojacking]], as the value of cryptocurrencies increases.
   −
* Mandiant's M-Trends 2021 Report<ref>[https://content.fireeye.com/m-trends/rpt-m-trends-2021 Executive Summary, 2021 M-Trends Report]</ref>
+
* '''[[Mandiant]]'s M-Trends 2021 Report'''<ref>[https://content.fireeye.com/m-trends/rpt-m-trends-2021 Executive Summary, 2021 M-Trends Report]</ref>
 
# 59% of the security incidents investigated by Mandiant last year were initially detected internally by the organizations themselves (12% better than in 2019).
 
# 59% of the security incidents investigated by Mandiant last year were initially detected internally by the organizations themselves (12% better than in 2019).
 
# Ransomware has evolved and now employs various extortion tactics.
 
# Ransomware has evolved and now employs various extortion tactics.
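Review bot: Bolding of the report bullets is applied unevenly. This hunk bolds the Mandiant bullet and the earlier one bolds the INTERPOL bullet, but the newly added `* [[PurpleSec]]'s 2021 Cyber Attack Report` bullet is left plain. The Mandiant bullet also goes straight into its numbered items with no colon or lead-in, unlike "indicates that:" and "as:" on the other two. Suggest one convention for all report headings in this section.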
Line 31: Line 40:  
# 63% of attackers used techniques outlined in the [https://attack.mitre.org/ MITRE ATT&CK framework], and 5% of intrusions used over 1/3 of MAF techniques.
 
# 63% of attackers used techniques outlined in the [https://attack.mitre.org/ MITRE ATT&CK framework], and 5% of intrusions used over 1/3 of MAF techniques.
 
# Threat actors exploited vulnerabilities in the infrastructure supporting work at home.
 
# Threat actors exploited vulnerabilities in the infrastructure supporting work at home.
 +
 +
* '''[[Spamhaus]]'s 2021 Q2 Report'''<ref>[https://www.spamhaus.org/news/article/813/spamhaus-botnet-threat-update-q2-2021 Botnet Update,Spamhaus]</ref> <br/>
 +
This report focused on [[Botnet Attacks|botnet]] [[Command and Control]] activity and compared the findings from Q1 with Q2. Key figures:
 +
# A 594% increase of newly registered botnet C&C domains at [[NameSilo]]! This sudden uptick knocked [[Namecheap]] out of first place.
 +
# Working with the [[FBI]], Spamhaus discovered 1.3 million compromised email accounts; 22,000 compromised domains; and 3,000 compromised networks.
 +
# The three hosting providers with the largest abuse problems and/or worst [[DNS Abuse responses|responses]] to abuse reports are [[Ipjetable]], [[Google]], and [[Microsoft]]. <br/>
 +
Other significant Spamhaus findings:
 +
{| class="wikitable"
 +
! Top 20 Most Commonly Used [[Malware]] Families (ranked)  !! [[Malware#Common Types of Malware Based on Purpose|Function]] !! Most Commonly Attacked [[TLD]]s (ranked) !! Top 20 Geo-Locations of C&C Botnet Servers (ranked)
 +
|-
 +
| Raccoon || dropper || [[.com]] || U.S.
 +
|-
 +
| RedLine || remote access trojan (RAT) || [[.xyz]] || Russia
 +
|-
 +
| AsyncRAT || Credential Stealer || [[.buzz]] || Netherlands
 +
|-
 +
| Loki || RAT || [[.top]] || Germany
 +
|-
 +
| Gozi || RAT || [[.br]] || France
 +
|-
 +
| BitRAT || Credential Stealer || [[.vip]] || Latvia
 +
|-
 +
| Oski || RAT || [[.org]] || U.K.
 +
|-
 +
| VjWOrm || Credential Stealer || [[.ru]] || Ukraine
 +
|-
 +
| NjRAT || Credential Stealer || [[.net]] || Switzerland
 +
|-
 +
| RemcosRAT || e-banking Trojan || [[.cloud]] || Seychelles
 +
|-
 +
| NanoCore || RAT || [[.tk]] || Czech Republic
 +
|-
 +
| AgentTesla || RAT || [[.cn]] || Moldova
 +
|-
 +
| Tofsee || RAT || [[.eu]] || Panama
 +
|-
 +
| Arkei || RAT || [[.ga]] || Canada
 +
|-
 +
| STRRAT || credential Stealer || [[.ml]] || Malaysia
 +
|-
 +
| CryptoBot || credential Stealer || [[.online]] || Poland
 +
|-
 +
| CobaltStrike || RAT || [[.live]] || Finland
 +
|-
 +
| ServeHelper || credential Stealer || [[.su]] || Vietnam
 +
|-
 +
| IcedID || dropper || [[.info]] || Turkey
 +
|-
 +
| QuasarRAT || dropper || [[.cf]] || Brazil
 +
|}
    
==Organizations==
 
==Organizations==
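Review bot: The Function column in the new Spamhaus table does not appear to line up with the family names and should be checked against the cited report before this is saved. AsyncRAT, BitRAT and NjRAT are listed as "Credential Stealer", RemcosRAT as "e-banking Trojan" and QuasarRAT as "dropper", while several families without "RAT" in the name are labeled RAT. Separately, the table puts three independent rankings (malware families, TLDs, geo-locations) side by side, so each row reads as if a given family maps to that TLD and country; a rank column or three separate tables would avoid that. Smaller points: capitalization varies ("Credential Stealer" vs "credential Stealer"), the exclamation mark in the NameSilo item is out of register for the page, and the statement about hosting providers with the "largest abuse problems and/or worst responses" should be worded as the report's finding.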