Bad actors will attack points of least resistance where they can easily monetise their efforts, according to Steve Grobman, McAfee SVP and CTO. It means the attack surfaces are constantly in flux and new solutions are needed. The next boon for cybercriminals is “cryptojacking”.
- Leadership Webinar: Which-50’s 2019 Outlook and Business Transformation Drivers webinar is set for November 27. Register today!
“The pattern that we see is cybercrime is market driven and you will see cybercriminals moving to any untapped market,” Grobman told Which-50 during the MPower cybersecurity conference in Sydney this week.
“It’s just like legitimate business; If you have an untapped market somebody will try to address that market.”
Being market driven means cybercrime is constantly shifting, according to Grobman, who used the progression from credit card data theft to ransomware as an example.
“They can now hold a victim hostage directly and, instead of having to sell stolen data, get paid by the victim.”
The latest shift is crypto-jacking, driven by the rising value of cryptocurrency, Grobman said.
Malware allows bad actors to take hijack users’ systems and mine coins in the background, removing the greatest costs of crypto coin mining, hardware and power. The practice is on the rise, increasing 629 per cent in Q1 2018 then another 86 per cent in Q2, according to McAfee, which recorded 2.5 million new cryptomining malware samples in the latest quarter.
“Our latest data shows that crypto-jacking was one of the big shifts this year. It’s a lucrative market that with the high valuation of cryptocurrencies became very attractive,” Grobman told Which-50.
And while threats will remain in all areas, the amount of criminals using a particular method will depend on where money can be made more easily.
Ultimately, where cybercriminals will strike next will be determined by how easily they can “monetise the output from their objective”, a point often obscured by the focus on technology vulnerability, according to the McAfee CTO.
“It’s not just about how vulnerable a technology is to a criminal endeavour but what is the monetisation mechanism a cybercriminal would use.”
And as the attackers exploit new avenues in increasingly sophisticated ways, McAfee is using emerging technology as a defence. The firm has a suite of products, some of which combine human threat analysis with machine learning.
“Both machine learning and humans are good at different things,” Grobman said.
“Machine learning is good at analysing data at scale and identifying patterns or trends that are representative of what has been seen in the past.”
However, the technology is less viable at identifying new or unknown threats, an area where humans can excel, according to Grobman. Of course humans can not conduct the data analysis at the scale required in modern enterprises. Combining the two produces “the best of both worlds”, Grobman said.
However, it is important they work in unison, Grobman argued, rather than assigning humans and machines to the areas they excel in.
“If you actually get them working together you find things you wouldn’t find otherwise.”