Abusing trust when it comes to cyberspace

The dreaded Emotet is back, and the National Cyber Security Center in Ireland issued an alarming report of the increase in Emotet activity targeting Irish organizations. Dhai Almutairi discusses the consequences of this.

Copyright free image sourced from Pixfuel.

Emotet is one of the most prevalent ongoing cyberspace threats. It is a malware strain and a cybercrime operation based in Russia. 

In March, the Department of Employment Affairs and Social Protection warned the public of cybercrimes attacking governmental departments and Irish businesses. 

The cybercriminals claiming to represent the department have directly contacted unemployed people as a result of the pandemic and requested personal information from them, including financial and banking details. 

The risk of cyberattacks is heightened by the increase in the number of employees working from home now.

Businesses should be prepared for the growing demand for access to company resources from personal devices, which causes a potential increase in violations of acceptable use policies. Simultaneously, remote working may see devices used for non-professional purposes by any of the employee’s family members. 

An Garda Síochána said there will be a general increase in cyberattacks as a result of Covid-19. 

Graphical user interface, text, application, chat or text message

Description automatically generated

They advised business owners to be aware of these risks and have suitable protocols to deal with any upcoming cybersecurity threats like Emotet.

Gustavo Cols is the business executive of Kaspersky – a computer and network security company in Moscow. He recently took to Twitter to brief people about the continued attacks targeted at different Russian companies where attackers stole legitimate, sensitive documents.

Graphical user interface, text, application

Description automatically generated

 Emotet was first detected in 2014 as a relatively simple trojan for stealing banking account credentials. 

And its goal is for the victim to click and open infected content in an email that is usually set in a macro-enabled document like a PDF or an Office document or a link to a malicious site. 

Emotet’s objective is to access content such as passwords, emails, credit card details, and other personal information forms. It can also cause more malware when it is being downloaded or run on a system. 

It increasingly targets and infects local and international governments with other malware.

Ian Murphy, a journalist and an analyst from the UK, used his platform to alarm people about the increase of Emotet attacks.

Graphical user interface

Description automatically generated

He later advised people about the importance of protecting their IT infrastructure.

In 2016, Emotet reinvented itself as an intimidating, frightful dropper or downloader that installed other malware after infecting a PC. 

The Trickbot banking trojan and the Ryuk ransomware are two of the most common follow-ons. 

According to the Center for Internet Security (CIS), the Trickbot banking trojan is “a modular banking trojan that targets sensitive information and acts as a dropper for other malware.” The Ryuk ransomware is “a type of crypto-ransomware that uses encryption to block access to a system device, or file until a ransom is paid.”

Emotet is a common dropper for the Trickbot Trojan that steals information and downloads Ryuk Ransomware. Once Emotet infects a device, it will use the victim’s contact list to spread to more potential victims. 

This year, Emotet has burrowed into the Department of Justice in Canada, targeted the Democratic National Committee, and increased its attacks on governments in Japan, New Zealand, and France.

This chart was analyzed by VMware to determine the pandemic theme of cyberattacks affecting users in Europe and the United States. 

The chart shows a growing trend in the number of cybercrimes, particularly the dominant wave of Emotet attacks at the bottom of the chart.

Chart, timeline

Description automatically generated

Source: VMware

Digital technology plays a crucial role in our economic, professional, and social lives. With the growth of digital applications, big data, multi-cloud, and artificial intelligence, hackers have more opportunities to access our data.

The development of technology has accelerated the rate by which enterprises can create new products and services. But these rapid changes in the creation of a modern organization makes it challenging to keep up with the security landscape.

Leave a Reply