The IT threat situation will continue to worsen in 2023. The reason for this is the progressive professionalisation of the cyber crime scene. Cyber criminals are increasingly abusing authorised applications, such as administrator tools, or manipulating users by means of digital scams targeting the elderly. The lack of trained IT security professionals further exacerbates the situation. Because of the diversity of the threat landscape, end users are now often unaware of the risks and dangers.
Cyber criminals are using increasingly sophisticated and efficient methods to increase their profits. On the one hand, they are refining and changing their methods of infiltrating networks, and, on the other, they are using new tools for their attacks. Consequently, vulnerabilities in systems that are widely used are a particular risk. This includes, for example, the Java vulnerability Log4Shell, which criminals have used to gain access to company servers and which is still being exploited. This shows that a single gap is enough for attackers to compromise hundreds or even thousands of in one fell swoop. Therefore, administrators must always keep servers and user devices up to date with the latest software.
“A central problem for IT security in Germany has been and will continue to be that companies do not take warnings about vulnerabilities or security risks seriously”, says Andreas Lüning, co-founder and board member of G DATA CyberDefense. “They continue to underestimate the real risk to themselves of a cyber attack and rely on the principle of hope to see them through. Therefore those responsible must act now, because, in view of the tense economic situation, no company can afford sales losses or operational downtimes caused by an IT security incident.”
Another attack tool - rootkits - is experiencing a resurgence in attacks where cyber criminals combine different malware programs with each other. Rootkits can be used to hide malware from security solutions. In this way, criminals disguise their attempt to log in to the computer, along with the files and processes associated with this procedure. In a proof of concept, researchers have demonstrated that attackers copy rootkits from GitHub, a platform for managing open source software, and incorporate these programs into their attack chains to infiltrate companies.
“The problem is that rootkits are not considered malware in the original sense and are therefore legally made available on GitHub”, comments Karsten Hahn, Lead Engineer Prevention, Detection and Response at G DATA CyberDefense. “Such offerings are of particular interest for criminals with little IT knowledge, because programming rootkits is no easy matter.”
Without skilled workers, there is a lack of IT security
One major challenge that affects small and medium-sized enterprises in particular is the lack of trained IT security professionals. This lack of expertise has a lasting effect on the level of IT security. Medium-sized companies cannot close this gap on their own. One way out of this dilemma is offered by managed security services and employees trained in cyber risks. It is important that companies take action sooner rather than later, because an attack on the IT system with possibly uncontrollable consequences can happen at any time.
Targeting the end consumer: attacking the iPhone
Private smartphones remain an attractive target for attackers, and not just because users use them for mobile banking and payments or as digital keys. Attackers will be increasingly targeting iPhones in the future. The reason is that iPhone users are considered to have more purchasing power and are therefore more lucrative for attackers.
“The criminals exploit vulnerabilities in the iOS operating system in particular, because this gives them root permissions and thus complete control over the device”, warns Stefan Decker, mobile security expert at G DATA CyberDefense. “The current year has shown how serious the situation is, as Apple has had to provide patches for critical gaps on several occasions.”
Users must therefore install patches and updates for their smartphones as quickly as possible.
Social engineering: people in the crosshairs
Because technological protection against malware has improved significantly, cyber criminals are continuing to adapt their attack methods. Social engineering attacks can hit anyone. They aim to tap into personal data or information from victims. Smartphones play a crucial role in this. Attackers are increasingly contacting their potential victims via messenger services such as WhatsApp or Telegram. Current fraud attempts show how real the danger is. Perpetrators have moved scams targeting the elderly into the digital space, as a form of “senior scam 2.0”. Perpetrators pretend to be a family member in need and try to persuade their victim to transfer a large sum of money.
Anyone who receives an emergency call should - as difficult as it may be - keep a level head, analyse the scenario, and check via another channel (email or telephone call) whether the emergency described has actually happened.
With its comprehensive cyber defence services, the inventor of antivirus software enables companies to defend themselves against cybercrime. Over 500 employees provide digital security for companies and users. Research and development are carried out in Germany.
G DATA uses nextgen AI technology, endpoint protection and penetration testing for its protection, and offers incident response and awareness training to defend companies effectively.
G DATA solutions have received numerous awards, most recently the gold award for the best "Malware Protection" from the independent testing institute AV-Comparatives.