CONTINUAL VIGILANCE CAN HELP INDIVIDUALS AND BUSINESSES IDENTIFY EVOLVING CYBERCRIME TACTICS.

THWARTING THE CYBERATTACK

Who is behind these continual computer intrusions?

Unfortunately, there are multiple sources; they can

range from computer gurus looking for bragging rights,

unethical businesses seeking to gain a competitive edge,

criminal rings intent on profiting from sensitive, personal

information, all the way to espionage rings and terrorists

looking to rob our nation of critical information.

Whether we refer to them as cybercriminals or mere

hackers, they are highly-skilled computer experts with

the dogged determination of gaining unauthorized

access to your data. Cyber threats may originate from

a variety of sources and for many reasons:

• “Hacktivists” use the same tools and techniques as a

hacker, but do so in order to draw attention to political

or social causes. A typical tactic can be the complete

disruption of service on government, religious and

corporate websites. “Anonymous” is one of the best

known hacktivist groups.

• Cybercriminals are those who act independently or within

organized crime rings to steal financial data, personal

credentials and credit card information, then either sell

the information on what is known as the dark web (or

black market) or directly access monetary accounts.

• Nation-states or foreign entities seek to spy, gain proprietary

or classified information, or launch cyber strikes in order to

cause damage to individuals, companies or governments.

• Malicious insiders are colleagues you may know who

are looking for ways to harm their own employer, steal

information or make money. A recent SailPoint Market Pulse

Survey found that one in five employees would sell their

passwords and business-related credentials to someone

outside of the organization, many for as little as $100.

Bringing cybercriminals to justice can be daunting. The

nature of the digital space allows for anonymity that

can be challenging for law enforcement; it is difficult

to find and arrest an individual identified only by a

username. And, even if one is locked up, there is always

another cybercriminal ready to step in and build on the

foundation already laid.

Its practitioners are crafty at adapting new technologies

and tactics. Phishing, for example, has been around

for decades, but cybercriminals now use more

targeted approaches, taking advantage of the wealth

of information readily available on the web. Without

careful inspection, it is difficult for the average person

to distinguish a real email from a phishing attempt.

Here are a few examples of emerging cybersecurity trends:

SPEARPHISHING AND WHALING

Spearphishing attacks are conducted by emails and appear

to be from a known individual or familiar business— and

often include details pertinent to the recipient. Whaling

attacks are similar to spearphishing except the targets are

typically high-level executives, celebrities and politicians.

Gaining the information to conduct targeted phishing

attacks is not difficult.

Best practices to help identify emerging cybersecurity trends

©2016 M&T Bank. Member FDIC. CS13755 (10/16) 01

The source of cybercrime seems to be a prominent subject of conversation these

days, even showing up as a question during the September presidential debate

between Hillary Clinton and Donald Trump.

Cybercrime is always evolving.

02

Social media sites, such as LinkedInTM and Twitter,TM hold

even more specific information that can be used to spoof

email addresses, create fake, intentionally malicious

websites and send attachments that mimic the same files

one would receive over the course of a normal work day.

Phishing attacks have different goals. Some want users to visit

a site and provide information such as passwords and login

credentials. Other attacks introduce malware into the network.

RANSOMWARE

Ransomware is a form of malware that, when activated,

encrypts or locks all of the files on a computer or network.

To regain access to the files, the cybercriminal demands

a ransom, typically paid with electronic currency such as

Bitcoin. Ransomware is pretty straight-forward: pay the

ransom and get the files back. However, cybercriminals

see a huge market in this malware and are changing their

tactics. In some cases, the cybercriminals are returning

only a portion of the files and then demanding a second

ransom be paid in order to release the remaining files. It

appears the next generation of ransomware is even more

Machiavellian as it enables the software to be installed, the

data encrypted even when the computers are offline and

then the software targets data stored in the cloud.

MOBILE MALWARE

Mobile devices are ubiquitous both at the workplace

and in personal use, and cybercriminals have taken note.

Malware designed for AndroidTM and AppleTM devices

is embedded into popular apps or can masquerade as

“legitimate” third-party downloads. For example, GM Bot

is a new malware attacking Android devices.

It can also intercept SMS codes and call backs from

targeted financial institutions.

SOCIAL NETWORKS

Cybercriminals love social networking sites. There,

amongt the “Shares” and ”Likes,” exists an abundance

of unique personal information ripe for exploitation as

well as multiple “attack vectors,” the alternative paths

the hacker can use to gain access to a victim’s computer

or network. Using the algorithms in popular sites like

Facebook,TM they’ll plant malicious videos, hoping the

user will be interested enough to click on them or use

baiting techniques – posts that encourage users to share

so they can get a free smartphone, free gift card or a

portion of someone’s lottery winnings. They’ll also play

off trending topics to promote article links and websites

loaded with malware. These techniques, like phishing,

are known as “social engineering” in the context of

information security and rely on human curiosity, fear or

trickery to elicit a response.

Today, the threat environment in cybersecurity evolves

nearly as quickly as technology itself. Creating proactive

security systems that will protect against ever-evolving

attacks is no small task and can only be achieved through

constant vigilance, information gathering and education.

Be ever mindful, and you may thwart the next cyber attack.

To learn more, contact your local M&T Bank Relationship Manager or M&T Bank’s Commercial Service Team at 1-800-724-2240, Monday-Friday, 8am-6pm ET.

Best practices to help identify emerging cybersecurity trends

A basic web search can now glean vast

amounts of information about a company,

including email addresses, job descriptions,

office locations and current projects. Malware tricks users into entering their

login credentials in fake screens, where the

credentials are harvested.

LinkedIn,™ Twitter,™ Android,™ Apple,™ Facebook™ are registered trademarks and the use of these trademarks are subject to the respective owner’s permission. M&T Bank is not endorsed, sponsored, affiliated with or otherwise authorized by these companies.©2016 M&T Bank. Member FDIC. CS13755 (10/16)