Bad actors are downsizing their technology even as they upgrade their criminality, judging by a new report from security firm Agari.
“We fully expect cybergangs and cyber-criminal organizations will organize and attempt fewer technical cyberattacks, like malware, starting early in 2020,” states Armen Najarian, CMO and chief identity officer of Agari.
Instead, they’ll turn to “low-tech and social-engineered attacks at scale,” Najarian continues. “These types of threats are the most effective, thus harmful.”
The top threat will be vendor email compromise (VEC) attacks.
Case in point: the attacks launched by a cybercrime group dubbed Silent Starling by Agari. The felons hijack corporate accounts, glean information and impersonate the legitimate account holder in emails.
Companies are defrauded throughout their extended supply chain.
Agari cites FinCEN research showing that a VEC attack can pull in $125,000, compared to a traditional business email compromise (BEC) scam.
Perhaps worse, cyber criminals from countries such as Iran, Russia and China will try to hack the email accounts of U.S. Presidential campaigns, Agari continues.