1. Introduction
    1. Hackers Shift to Financial Gain
    2. Security Laws to survive the next 4 years
    3. Understanding Social Engineering: Protect Our Organization and Community
    4. Rise in Supply Chain Attacks & Vendor compromise
    5. Known Contact compromise AI attack & Spear phishing
    6. Common Social Engineering Tactics and Preventive Measures
    7. Real-world Damage Examples
    8. Attacker Characteristics
    9. Cybersecurity Government entities can and will help you

Introduction

The transformation of the hacking landscape over the past decade is indeed profound. What started as a subculture dominated by enthusiasts and hobbyists—often portrayed in popular culture as individuals in Metallica t-shirts operating out of basements—has evolved into a highly sophisticated, global industry with significant financial and political implications.

Hackers Shift to Financial Gain

The primary motivation behind hacking has shifted towards financial gain. Cybercriminals now engage in a variety of activities designed to directly or indirectly generate revenue, such as:

  • Ransomware attacks: Encrypting a victim’s files and demanding payment for the decryption key. This has become one of the most lucrative forms of cybercrime, with some ransomware gangs making millions of dollars from their attacks.
  • Banking and credit card fraud: Using malware to steal banking information or credit card details, either to drain accounts directly or sell the information on the dark web.
  • Cryptocurrency theft: Targeting both individuals and exchanges to steal digital currencies, which can then be laundered and converted into traditional currency.
  • Data breaches: Stealing sensitive personal or corporate information and selling it to the highest bidder on the dark web.

Security Laws to survive the next 4 years

Security as a habit is the one and only law: make these practices part of a routine rather than one-off actions. Security is a continuous process!

  • I will use multifactor authentication whenever possible in all my accounts
  • I will use a password manager to keep all my passwords safe and use 15-character passwords
  • I will ensure I only connect to HTTPS-secured websites and use ad blockers if possible
  • I will be using strong PINs, patterns, or biometric locks to secure devices physically.
  • I will be using device tracking and remote wiping tools, such as Find My iPhone, in case of loss or theft
  • I will not click on links in emails or communicate with unknown sources via email or telephone
  • I will secure my Wi-Fi with WPA3 encryption and change default router passwords.
  • I will be mindful of personal information I share online. Information shared on social media can be used by attackers to craft a targeted phishing attack.
  • I will use a VPN on all my devices, especially on public Wi-Fi
  • I will not use AI services or install AI apps other than ChatGPT and Bing
  • I will be extra cautious with online transactions. Use secure, encrypted connections and only buy from reputable sources.
  • The majority of SMS messages I receive will be spam or phishing, so I will ignore the majority of them
  • I will keep all my phone and laptop/desktop operating systems updated, store backups in a safe place and encrypt them
  • If I have to use Windows, it is better to purchase a Surface Laptop, since the hardware integration is more secure
  • I will disable online transactions and set suitable withdrawal limits on the main bank account, and use another card (from another bank if possible) for daily use with daily caps. The main card cannot have wireless (contactless) payment or any Apple Pay / Google Pay services activated.
  • I will regularly review bank and credit card statements for unauthorized transactions
  • I will not disable the Windows Firewall
  • Google Pixel and Apple iPhone are also better for getting the latest security updates and patches, not because the phones are fancier. Spend your money wisely; do not buy cheap hardware.
  • I will follow the news on my government’s cybersecurity webpage to keep updated about what’s going on in the space, and report any problems to them

Extra recommendations

  • Digital Will: Discuss the importance of having a plan for your digital assets in case of emergency, including how to access your digital accounts and data.
  • Third-Party Applications: It’s not just the operating system that needs updating; third-party applications on your devices require regular updates to patch vulnerabilities.
  • Credit Freeze: Learn how to place a credit freeze to prevent new accounts from being opened in your name without your explicit permission.
  • Regular Security Audits: Carry out periodic security reviews of device settings, app permissions, and privacy settings to ensure that no unintentional changes have been made or suspicious apps installed.
  • Privacy-Focused Browsers: Consider the option of using browsers that are designed with privacy and security in mind, such as Brave or Firefox with enhanced privacy settings.
  • Email Encryption: For highly sensitive communications, consider the use of encrypted email services or encryption features within email clients.
  • Stay Informed: Follow reputable cybersecurity news sources and government advisories to stay ahead of emerging threats.
  • Community Engagement: Sharing experiences and tips within a trusted community can provide real-world insights and support. Share the knowledge with all your friends and family.

Understanding Social Engineering: Protect Our Organization and Community

Social engineering is a deceptive technique aimed at manipulating individuals into divulging confidential information, such as passwords and financial details, which are critical for securing our charity’s network and community services. Originally, this menace manifested through the direct physical theft of such information. However, in our digital age, perpetrators employ more sophisticated methods, including malware deployment, AI voice cloning and more, making vigilance necessary.

At its core, social engineering exploits human psychology rather than technological weaknesses to gain unauthorized access to personal or organizational information. It can range from cyberattacks targeting vast networks to more intimate invasions, such as snooping on a family member’s device. Also known as “social hacking,” it leverages the intricacies of human relationships and trust, often masquerading as a trusted figure to extract sensitive information.

Rise in Supply Chain Attacks & Vendor compromise

A concerning trend is the rise of supply chain attacks. Perpetrators target larger entities through their smaller partners, which may not have robust security measures. These attacks can disrupt the entire supply chain, from procurement to delivery, making every entity within it vulnerable.

Vendor Compromise

A rise has been observed in the last year in supply chain attacks in which companies have been compromised and hackers stay hidden in their networks and accounts in order to lure known contacts.

Attackers will even set up the compromised company or victim system so as not to be suspected, and compromise your passwords.

I personally call it making a zombie army: similarly to when “infected”, compromised systems are used to compromise more systems and provide financial gain to threat actors.

Known Contact compromise AI attack & Spear phishing

A trend that has been observed is hackers compromising personal accounts, learning the language and expressions of the victims, and targeting all family members in order to gain access to financial and personal data for exploitation.

To scale these attacks, hackers might be using automation tools and artificial intelligence (AI) to analyse victims’ language patterns and automate the creation of personalized messages, making these attacks more common and challenging to date.

Common Social Engineering Tactics and Preventive Measures

  1. Telephone Deception: Impersonating authoritative figures over the phone to extract sensitive information. Countermeasure: Strict policies against sharing sensitive data over the phone, and not taking calls from unknown numbers, especially if you’re not expecting a call from anyone.
  2. Shoulder Surfing: Observing someone’s password or confidential information. Countermeasure: Avoid entering sensitive data in public places. Use password managers.
  3. Dumpster Diving (Trashing): Sifting through rubbish to find valuable information. Countermeasure: Shred documents and physically destroy unusable digital media.
  4. Spear Phishing: Targeted email attacks aiming to trick individuals into revealing confidential information. Countermeasure: Educate staff and friends on recognizing suspicious emails and implement anti-malware measures.
  5. Malware: Using malicious software to steal information. Countermeasure: Keep software updated and educate staff on digital hygiene. Use an anti-malware solution.
  6. Reverse Social Engineering: Trickery to make victims reach out to the attacker. Countermeasure: Verify any unsolicited communication through multiple channels.
  7. Exploiting Social Media: Gleaning information from social media profiles. This includes reporting your account as fake and asking for money to unblock it. Countermeasure: Educate staff on safe social media practices and avoid sharing identifiable work-related information.
  8. Phishing emails: This involves sending mass emails that appear to be from legitimate sources, requesting sensitive information or urging the recipient to click on malicious links. Countermeasure: Implement verification procedures for requests for sensitive information or financial transactions. This could include secondary confirmation through a different communication channel. Always be distrustful of urgency or of communication you’re not expecting.
  9. Spear Phishing: A more targeted form of phishing, where the attacker has gathered personal information about the victim to make the attack more convincing. Countermeasure: Privacy Settings: Encourage employees and friends to limit their personal information on social media and other online platforms, making it harder for attackers to craft personalized spear-phishing emails. Secure Personal Data: Ensure that company websites and databases that contain employee or client information are secured against data breaches. Always be distrustful of urgency or of communication you’re not expecting.
  10. Pretexting: The attacker creates a fabricated scenario or pretext to gain the victim’s trust, with the aim of extracting confidential information. Countermeasure: Do not give any information to untrusted sources, especially over email and phone.
  11. Baiting: Similar to phishing, but involves the promise of an item or good to entice victims. Baiting can occur online, like downloading malware-infected software, or physically, such as using USB drives loaded with malware. Countermeasure: Do not download software from unknown sources.
  12. Quid Pro Quo: Offering a benefit in exchange for information. This could be something as simple as tech support help in exchange for login credentials. Countermeasure: Do not reveal or trust unknown contacts asking you for information exchange.

Other types of attacks include:

  1. Tailgating or Piggybacking: Gaining physical access to restricted areas by following closely behind a legitimate employee or by convincing someone to let them in.
  2. Vishing: Voice phishing where the scammer uses telephone calls to trick the victim into divulging personal, financial, or security information.
  3. Impersonation: Pretending to be someone else, such as a company official, to gain trust and extract sensitive information or gain access.

Real-world Damage Examples

  • Fake Transfer Requests: Emails masquerading as clients, leading to financial losses.
  • Virtual Currency Theft: Spear phishing leading to the compromise of virtual currency (crypto) accounts.
  • Personal Information Leak: Impersonation over the phone leading to unauthorized data sharing that is potentially used for malicious purposes.
  • Account Takeover: Social media impersonation, causing widespread misinformation.
  • Malware Infection: Opening a malicious email attachment leading to a data breach.
  • SMS cloning: The use of SMS cloning has been observed in big cryptocurrency thefts or bank account thefts, including cases involving people from the same telephone company.

Attacker Characteristics

  1. Creating a Sense of Urgency: Utilizing crisis language to provoke hasty actions, always making you think that there is no other option than having that call, clicking that link, or reading that email and downloading its attachment.
  2. Realistic Bold Behaviour: Acting confidently to avoid suspicion, they will make you think they certainly are who they say they are. Do not trust easily; double-check all your sources.
  3. Surge of SAS Technology Exploitation: Leveraging easily accessible hacking tools and techniques. In this era all attackers have access to a variety of tools (paid subscriptions too) and machine learning. This increases the hackers’ ability to compromise and make further money.
  4. Limitless surface: The internet is right now a very hard place to be in if you are not well versed in certain cybersecurity concepts. Attackers can exploit a system in a matter of minutes and brute-force passwords with technologies not available before.
  5. Hackers don’t care: Threat actors do not care anymore, nor do they have any values. Potentially they have AI machines doing the initial stages of attacks.

Cybersecurity Government entities can and will help you

National central bodies dedicated to cybersecurity, similar to the UK’s National Cyber Security Centre (NCSC), play a crucial role in bolstering a country’s defense mechanisms against the growing and evolving threat of cyberattacks. These organizations are pivotal for several reasons, making them indispensable resources for a wide range of people.

1. Cybersecurity Guidance and Best Practices

They provide authoritative guidance on cybersecurity, offering best practices on securing personal and organizational devices, safeguarding against phishing and other types of cyberattacks, and maintaining robust password policies.

2. Incident Response and Management

For entities that fall victim to cyberattacks, these centers offer support in responding to and managing cybersecurity incidents. They can provide specialized expertise to help mitigate the impact of attacks and aid in the recovery process. In cases of significant national importance, they may also coordinate a broader governmental response to ensure a unified and effective approach.

3. Threat Intelligence Sharing

By monitoring and analyzing cyber threats, national cybersecurity centers share vital intelligence with both the public and private sectors. This shared intelligence enables organizations and individuals to better understand the cyber threats they face and adopt proactive measures for their defense.

4. Educational Resources and Training

These centers often develop and disseminate educational resources aimed at raising cybersecurity awareness among the public and professionals. They may offer training programs, educational materials for schools, and advice for businesses on building internal cybersecurity skills and capabilities.

5. Policy and Standards Development

National cybersecurity centers work on developing and promoting cybersecurity standards and policies that aim to enhance the country’s cyber resilience. Organizations can align with these standards and policies to ensure they are adhering to cybersecurity best practices, thereby protecting their operations and their customers.

6. Fostering Innovation and Technical Advancement

To stay ahead of cybercriminals, these centers encourage and sometimes directly support innovation in cybersecurity. By collaborating with academia, industry, and other partners, they contribute to the advancement of cybersecurity technologies and methodologies.

7. Public Awareness Campaigns

Through public awareness campaigns, national cybersecurity centers aim to educate the general population about cybersecurity risks and protective measures. Increasing the level of cyber hygiene within the community makes it more challenging for attackers to exploit common vulnerabilities.