Introduction
Over the past decades, virtual space has changed the way people live and do daily business. The Internet has changed the way people communicate, and for many businesses and organizations, the way they work has changed. In today’s business environment, if an organization does not have any kind of internet presence, it risks being left behind its competitors as advanced technology continues to evolve.
Cybersecurity Threats
Phishing remains the main method of infiltrating corporate infrastructure, accounting for a large percentage of attacks. Also, there are security threats to IoT devices, deepfakes, malicious ads, cyber attacks from social networks, and many other threats (Narwal et al., 2019). Therefore, the virtual space at the current stage of development is not completely safe.
Most Recent Threats
Artificial Intelligence (AI)
AI adoption can greatly simplify many of the day-to-day tasks faced by cybersecurity teams. Recently, there has been exponential growth in the amount of data processed in various systems (Narwal et al., 2019). There is a growing trend toward the use of artificial intelligence and machine learning technologies by cybercriminals to search for vulnerabilities, implement phishing attacks, bypass biometric authentication and protection, create malicious software, and guess passwords.
Cryptojacking and Cloud Data Leaks
Cryptojacking is a trend in which cybercriminals take over the home or work computers of third parties in order to “mine” cryptocurrency. Mining cryptocurrencies requires massive computing power. Therefore, hackers can make money by hijacking other people’s systems (Carlin et al., 2019). Additionally, the pandemic has forced organizations to move their operations to the cloud, which offers significant advantages such as full visibility and control over data, cost savings, reliability, and mobility. At the same time, even protective measures do not provide complete security.
Threat Actors
The common categories of threat actors include cyber terrorists, script kiddies, organized cybercriminals, state-sponsored threat agents, inside agents and bad actors, human error, and hacktivists. To build a safe system, an analysis of possible threat actors is used. Phishing is an entry point for them; thereafter, techniques and tactics are used, including continued phishing beaconing, long-term persistence, and reconnaissance (Dobrowolski et al., 2020). These days, they can use remote work, cloud systems, less secure mobile payment systems, social media, and many other unsecured structures to penetrate the virtual space.
APT12 Analysis
One such cyber group is a Chinese cyber espionage group known as DynCalc, DNSCALC, XESHE, or simply APT12. The group has used phishing emails and recognized malware such as HIGHTIDE, THREEBYTE, and WATERSPOUT in its malicious campaigns. This malware has evolved into more and more advanced versions, which are difficult to track and control. There was a slight hiatus in the group's activities, but it is now active again. Moreover, this group targets organizations in China and Taiwan (Moran & Oppenheim, 2018). The APT12 group successfully achieves its goals, as its attacks and malware have been observed in many organizations. Thus, in the modern world, there are groups that have been present in the cybercrime market for many years and continue to conduct attacks.
Cybersecurity Tools, Tactics, Procedures
The reliable and secure operation of data transmission networks, computer systems, and mobile devices is an essential condition for the functioning of the state and maintaining the economic stability of society. The safety of key public information systems is influenced by the use of hardware and software, including semiconductor technologies, removable hardware, dark web monitoring, antivirus software, encryption, and penetration testing. All of these technologies can be used in a defense-in-depth approach to create multiple layers of security.
Tools Versus APT12
Today, the Internet is not a particularly safe place. This is because the Internet is a public, open system in which data moves uncontrollably and can be discovered, intercepted, or stolen by anyone who applies the right knowledge of the equipment. This state of affairs is troubling, especially when sensitive data such as personal or financial information is transmitted over the Internet.
Machine Learning in Cybersecurity
Advances in machine learning in recent years have enabled a huge number of applications, such as applied data analysis and the detection and removal of threats and malware. This can help the world in the fight against cyber threats, for example, by quickly analyzing code and finding errors in it (Handa et al., 2019). Darktrace provides a solution to many of these problems: it offers each enterprise a personal “immune system” that analyzes the flow of information within the company and looks for various kinds of vulnerabilities. The clients of this company are giants such as eBay, Samsung, and Micron. If machine learning had been used against APT12 attacks, it could have made it possible to find anomalies in the patterns of user and device behavior and promptly recognize and block the attack. None of the APT12 case studies described indicates that organizations have used machine learning.
Conclusion
In conclusion, the modern world is susceptible to various types of cyberattacks. There are criminal groups that wield power to harm organizations or even states. At the same time, new solutions steadily appear, the application of which can help to deal with virtual crime. Since people these days are very curious about the online space, it is important to make their presence in it beneficial and safe.
References
Carlin, D., Burgess, J., O’Kane, P., & Sezer, S. (2019). You could be mine(d): The rise of cryptojacking. IEEE Security & Privacy, 18(2), 16-22.
Dobrowolski, D., Gioe, D. V., & Wanless, A. (2020). How threat actors are manipulating the British information environment. The RUSI Journal, 165(3), 22-38.
Handa, A., Sharma, A., & Shukla, S. K. (2019). Machine learning in cybersecurity: A review. Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery, 9(4), e1306.
Moran, N., & Oppenheim, M. (2018). Darwin’s favorite APT group. FireEye Inc., 1-16.
Narwal, B., Mohapatra, A. K., & Usmani, K. A. (2019). Towards a taxonomy of cyber threats against target applications. Journal of Statistics and Management Systems, 22(2), 301-325.