Cloud-Based Attacks

            According  to  Threatpost,  “as  more  corporate  infrastructure  moves  to  the  cloud,  so  will  the  focus  of
            criminals.” This means that while conducting an attack will be more of a challenge, attacks may become
            more sophisticated and more common.

            Businesses and organizations are also more confident when it comes to the cloud. But confidence doesn’t
            always  translate  to  tighter  security  measures.  According  to  Forbes,  “60%  of  organizations  don’t
            understand the shared responsibility model when it comes to who secures workloads in the cloud. This
            will  create  a  false  sense  of  security  in  cloud security  providers  by  their  customers,  as the  latter  are
            responsible for securing privileged access to their cloud administration accounts and workloads.”


            Artificial Intelligence and Voice Phishing

            As  technology  becomes  more  advanced,  so  do  the  types  of  cyberattacks.  For  example,  “deepfake
            technology” can be used to exploit people in scams. According to MSNBC, the term deepfake refers to
            instances where creators have produced digital content by manipulating images, voices, images — and
            even create fake videos that look real. In one instance, according to Forbes, a CEO gave up $243,000
            due to a deepfake scam.

            An article about 2020 cybersecurity predictions in SC Magazine asserts that “voice phishing will become
            the new phishing bait.” In other words, it’s now easier than ever for scammers to sound like someone
            else. High-level people such as executives and politicians are expected to face heightened risk with
            advanced  deepfake  technology.  Those  scammers  can  then  leave  voicemails  (or  speak  directly  with
            callers) asking for donations or for personal information.

            How to Protect Yourself: Solutions & Tips

            There are many ways to protect yourself — and your business or organization — from cyberattacks and
            cyberwarfare. The Department of Homeland Security (DHS) is a good place to start and provides the
            following tips:



               •  Maintain up-to-date software and operating systems
               •  Ensure that your passwords are strong
               •  Remain vigilant and watch out for suspicious activity
               •  Do not click on links or open emails if you’re unsure
               •  Do not provide personal information
               •  Use secure internet connections
               •  Back up your folders and files
               •  Protect your home and/or business network


            Protecting your email is especially important. Investing in a good email archiving solution can also help
            you mitigate a potential attack by offering backup and disaster recovery options.

            It’s  also  important  to  be  aware  of  the  types  of  email  messages  you’re  receiving.  Poor  spelling  and
            grammar, mismatched URLs, messages asking for personal information, and notes where you didn’t
            initiate the action are just some examples of signs of a possible phishing attack.




            Cyber Defense eMagazine –July 2020 Edition                                                                                                                                                                                                                         76
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.