While the tactic may not be entirely novel, the increased frequency of such attacks against cyber security professionals is threatening.
Cyber-attackers and fraudsters are upping their game by leveraging modern-day digital tools to target enterprises and employees and carry out fierce cyber-attacks. As reported by Google's Threat Analysis Group (TAG), they are increasingly using social media networks to exploit gaps in organizational networks and even to target the cybersecurity researcher community.
Google has recently reported that it identified multiple LinkedIn and Twitter accounts impersonating antivirus and security firm recruiters and top researchers. While this modus operandi may not be entirely novel, it's intimidating that many of these fake profiles had been generating good traction even though the targets were security researchers and practicing security professionals.
TAG also discovered a fake security company using the domain securielite.com and claiming to be a Turkey-based penetration testing services provider, and revealed that the website was hosting the attackers' PGP public key, which tempted internet users visiting the site.
"Security researchers successfully identified these actors using an Internet Explorer 0-day. Based on their activity, we continue to believe that these actors are dangerous and likely have more 0-days. We encourage anyone who discovers a Chrome vulnerability to report that activity through the Chrome Vulnerabilities Rewards Program submission process," TAG, which specializes in hunting APTs, mentions in a blog post. These respective accounts now stand suspended.
Global information security solutions provider eSentire has also recently highlighted the increased cases of cybercriminals impersonating recruitment specialists on LinkedIn to offer fake jobs to professionals and plant backdoor trojans in their systems.
A massive surge of cyber-attacks in 2020
Amidst a rapid acceleration of digital services due to the COVID-19-triggered lockdown and mass shutdown of physical offices, 2020 witnessed a sharp increase in cybersecurity incidents. Many organizations had to transition to a complete work-from-home environment without much time to beef up their IT infrastructure.
As reported by the Indian Computer Emergency Response Team (CERT-In), 11,58,208 cybersecurity incidents were reported in 2020 compared to 3,94,499 attacks in 2019, a jump of over 193%. A considerable percentage of these attacks originate from social media.
Understandably, attackers are continuing to seek new ways to exploit the home-office security gaps, and in that respect, social media platforms are a new battleground for them.
According to Accenture's State of Cyber Security Report, 40% of security breaches are now indirect, as threat actors target the weak links in the supply chain or business ecosystem. The report further adds that most organizations' current cybersecurity programs can defend only about 60% of the organizational network.
Social media accounts unattended for too long could also allow hackers to steal crucial personal data, launch disinformation campaigns or distribute malware to associated accounts or connections.
Since the pandemic started, the social media platforms LinkedIn and Twitter have been generating unprecedented traffic. Without well-defined categorization or threat intelligence mechanisms, many people continue to trust these platforms instinctively.
Security experts have become a key target for cybercriminals because of their knowledge and their repositories for tackling various vulnerabilities. Hacking this information can empower cybercriminals to launch well-orchestrated indirect cyberattacks such as the SolarWinds supply chain attack and the bitcoin theft operation executed through Twitter.
It is also interesting to note that fraudsters plan these attacks in a very professional manner. Attackers take a lot more time to build credibility with the likely targets by conversing with them through blogs, emails, multiple social media accounts, and other channels.
Changing passwords frequently, staying cautious about suspicious links and messages, checking a connection's credibility before replying, and using suitable security software are some of the fundamental hygiene factors that most experts recommend to avert cyber threats. Nevertheless, in the face of unprecedented global challenges, this new pattern of attacks demands more advanced strategies, continuous vigilance, and transformative solutions to address them at the foundation.