Hackers Are Targeting Minds and Machines

Today’s sophisticated cybercriminals are more than just tech wizards: they’ve become adept at manipulating the human element. With the right tools and tactics, they can exploit both code and human psychology.

As a result, focusing solely on network security has become counterproductive. You must safeguard your people, too. 

Welcome to the age of the double play—where hackers attack minds and machines alike. In addition, more than 80% of phishing sites are now targeting mobile devices. With these threats on the rise, businesses must stay on top of emerging news, threats, and vulnerabilities.

This article will discuss how malicious actors are advancing their methods—and how you can ensure resilience amid cybersecurity volatility.

Manipulating the Mind

Social engineering attacks rely on one fundamental truth: Humans are fallible. People are too trusting, they act too fast, or they don’t see when they are being targeted.

Most of the time, cybercrime doesn’t begin with a line of malicious code; it starts with an innocent-looking email or phone call.

Social engineering is the art of getting people to do what you want and reveal their secrets. Hackers don’t need to break into your system if they can convince your employees to hand them the keys. In a real business setting, these attacks can manifest as:

  • Phishing: Imagine getting an urgent email from your CEO requesting login credentials. It’s real—except it isn’t. This technique plays on urgency and fear, taking advantage of unsuspecting employees to gain access to critical information.

  • Pretexting and Baiting: Pretexting concocts a believable backstory, while baiting offers something enticing, like a free download, to compel workers to reveal sensitive data.

  • Vishing (Voice Phishing): Just like email phishing but over the phone, with callers often pretending to be from a bank or IT department.

  • Quid Pro Quo: Hackers might promise technical support or a special favor in exchange for sensitive data.

These attacks work because human nature is easy to exploit. Phishing focuses on urgency and fear, bait relies on curiosity or greed, and pretexting uses trust. At their core, people want to help or to act quickly when they believe the request is legitimate.

The bottom line? A well-timed email that gets a user to click the wrong link can bring down even the most secure system.

A $35 Million Phish

The victim (whose identity is unknown) was deceived into authorizing a malicious transaction that allowed hackers to steal a huge amount of wrapped Ethereum (fwDETH).

Blockchain monitoring service Lookonchain reported the attack on October 11, 2024, on an on-chain account that it believes was associated with Continue Capital, a well-known crypto venture capital firm.

The 15,079 fwDETH (valued at around $35 million) were quickly sold by the hackers, causing the token’s value in its trading pair with fwWETH to plummet.

Email Compromise Leads to $60 Million Losses

An employee of Orion, a major supplier of carbon products, was tricked into sending multiple wire transfers to cybercriminals—costing the company around $60 million.

Orion filed a report with the Securities and Exchange Commission (SEC) about the incident, detailing how a non-executive employee was involved in a fraud scheme and had unauthorized wire transfers made to accounts controlled by unknown individuals.

Learn from Your Peers’ Mistakes

You have to pay attention to a few crucial areas to avoid falling into the same trap. 

Don’t trust any large transaction without double-checking it. If an entity asks for money or makes a big transfer, take a moment to confirm it through another channel—give them a call, or use a safe method that’s not linked to the initial request. 

It’s also essential to have more than one person sign off on large transactions so that one error can’t wipe out all of your funds.

Moreover, employee security training has become imperative in today’s volatile security landscape. By implementing robust measures, you’ll greatly reduce the risk of falling into the same trap.
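The two controls above (confirmation through a separate channel and more than one sign-off) can be enforced in a payment workflow rather than left to memory. The sketch below is an added example, not code from any system mentioned in this article; the threshold, field names, and the rule that multiple same-day transfers to one beneficiary are added together are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

# Assumed policy value for illustration; the article does not give a figure.
LARGE_TRANSFER_THRESHOLD = 10_000

@dataclass
class TransferRequest:
    requester: str
    beneficiary: str
    amount: float
    request_channel: str                  # how the request arrived, e.g. "email"
    verified_via: Optional[str] = None    # channel used to confirm it, e.g. "phone"
    approvers: set = field(default_factory=set)

def release_blockers(req, already_sent_today=0.0):
    """Return the reasons a transfer must be held; an empty list means release.

    already_sent_today is the sum already paid to the same beneficiary, so a
    large payment split into several smaller ones is still treated as large.
    """
    if req.amount + already_sent_today < LARGE_TRANSFER_THRESHOLD:
        return []
    blockers = []
    # The confirmation must use a channel that is not linked to the request.
    if req.verified_via is None:
        blockers.append("no out-of-band confirmation")
    elif req.verified_via == req.request_channel:
        blockers.append("confirmed on the same channel as the request")
    # More than one person must sign off, and the requester does not count.
    if len(req.approvers - {req.requester}) < 2:
        blockers.append("fewer than two independent approvers")
    return blockers

# Constructed sample requests (not taken from any real incident).
urgent_email = TransferRequest("alice", "ACME-NEW-ACCT", 250_000, "email",
                               verified_via="email", approvers={"alice", "bob"})
checked = TransferRequest("alice", "ACME-KNOWN-ACCT", 250_000, "email",
                          verified_via="phone", approvers={"bob", "carol"})
split = TransferRequest("alice", "ACME-NEW-ACCT", 6_000, "email")

if __name__ == "__main__":
    for name, req, prior in [("urgent_email", urgent_email, 0),
                             ("checked", checked, 0),
                             ("split", split, 6_000)]:
        print(name, release_blockers(req, prior) or "release")
```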

Machines Are Vulnerable

While social engineering hits the mind, technical exploits go for the machine.

As software flaws, misconfigurations, and outdated systems continue to be part of the business ecosystem, vulnerabilities will be ubiquitous. These allow attackers to easily penetrate a network without direct participation from the victims.

The dangerous thing about technical exploits is that they can happen in the background without the user ever knowing that anything is wrong. Even the most advanced or secure system is vulnerable to outdated software, misconfigured settings, or forgotten bugs.

Malware (including ransomware) and credential attacks are more common in day-to-day threats, while RCE, SQL Injection, XSS, and buffer overflows are highly critical when they happen but may not be as frequent:

Malware/Ransomware

Malware is malicious software that can damage, steal data, or disrupt systems. Ransomware encrypts files and demands payment to release them. This leads to data loss and financial extortion and may even bring business operations to a halt.

Remote Code Execution (RCE)

When hackers exploit vulnerabilities in software, they can run their own code remotely on a targeted system. The impact can be severe, ranging from full system takeover, data theft, and malware installation to spreading into other parts of the network, resulting in widespread breaches.

SQL Injection

Attackers insert malicious SQL into the queries a web application sends to its database, enabling them to freely manipulate data. This facilitates unauthorized access to sensitive information and modification or deletion of database content.

Cross-Site Scripting (XSS)

XSS enables attackers to inject scripts into websites and run them in the browsers of unsuspecting users. The consequences are the theft of user credentials, session hijacking, unauthorized access to user accounts, and even the spread of malware.

Expected Losses: More Than $265 Billion by 2031

That’s the projected estimate for global ransomware damage costs. More pressingly, the government is “getting fed up” with the ever-increasing rate of cyberattacks.

Moreover, traditional authentication methods no longer suffice, compelling cyber defenders to rethink their efforts and move beyond approaches such as multi-factor authentication (MFA).

The Rhysida Ransomware Group Wreaks Havoc

Axis Health System, which is based in Colorado and runs a network of 13 behavioral health facilities, reported a cyberattack that has impacted its operations, including the primary care patient portal.

The Rhysida Ransomware Group has claimed the attack and is demanding $1.58 million in Bitcoin.

Citizens, Too, Are Compromised

A cyberattack cost the Scranton, Pennsylvania, School District more than $100,000 in March. District officials stated that they paid:

  • More than $25,000 in ransom and related fees

  • Another $100,000 to a forensic expert

The district superintendent said new safety measures were put in place to prevent future incidents.

AT&T: ‘Nearly All’ Customer Records Are Breached

In July, AT&T said that cybercriminals had stolen a huge amount of data, including phone numbers and call records for nearly all of its customers—some 110 million people—over a six-month period in 2022, and in some cases beyond that. 

The most recent compromise of customer records, stolen from the cloud data giant Snowflake, is the latest in a series of data thefts targeting Snowflake customers.

Conclusion

The double play has become the hacker’s domain: Both minds and machines are targeted to achieve the maximum impact.

The more cyber threats evolve, the more important it is for businesses to adopt a dual-front defense strategy, where people are empowered, and systems are invulnerable.

Hackers only need to win once. Ensure you’re protecting all fronts.
