A clear picture can be derived from the results of the Thales Data Threat Report 2020. More than 45 percent of companies had already suffered a data breach in 2019, and the year just ended broke all records. In 2019, the BKA had recorded an increase of 15 percent compared to 2018 with a total of 100,514 cases.
The analyzes by the Thales security researchers show that despite the COVID-19 pandemic, the number of phishing emails has actually increased. In many cases, cybercriminal groups have simply obtained tools from well-known marketplaces and repurposed them for their own purposes. Cybercrime is a business and is now so professional that laypeople can understand and use it for themselves.
With success, recognition grows, with recognition you have access to better tools and methods and, in the end, a lot of money. The fact that a particularly large number of employees work in the home office is definitely an advantage for many cyber criminals, because they achieve their goal even faster if these employees connect to the company network via their inadequately secured remote access solutions.
The relationship between companies and hackers has always been one-sided: cyber criminals tried to break in and companies responded. In 2021, however, that relationship will change as companies go on the offensive and try to disrupt attackers.
Organizations will also begin to resort to fraudulent techniques. It will do this via an increase in counterfeit high attraction systems to distract attackers with these honey pots.
Another option will be to drop so-called breadcrumps everywhere. These are fake credentials that, at first glance, look like they’re leading to a high quality target.
Another measure to lure attackers on the wrong track is honey drops, sometimes also called honey tokens. These are small pieces of supposedly sensitive data that are placed in strategic places in a network in order to attract and identify attackers.
These are miniature tokens in a system that trigger an alarm when accessed by an external party and help to trace the attacker’s trail.
These are just a few of the best known techniques and methods that companies are increasingly using and, above all, should constantly improve in order to finally turn the tables.
In addition, more than ever, companies should exchange information with one another and with law enforcement authorities about uncovered groups and their tools and scams.
– .
