Cybercriminals set sights on bot attacks and mobile apps

The past six months have seen a 13% increase in human-initiated cyberattacks. Here's what cybercriminals are targeting.

How to protect physical infrastructure from cyberattacks Andrew Kling and Peter Martin of Schneider Electric explain how the company responded to cyberattacks, and best practices for rapid response.

Cybercriminals are always looking for the next vulnerability to target. With the surplus of data in the enterprise, cybercrime is typically focused on stealing or accessing information. 

While these attacks are still used, cybercrime has both increased and shifted tactics in 2019, reported LexisNexis Risk Solutions' 2019 Cybercrime Report on on Tuesday. The report found a 13% increase in fraudulent activity between January and June of 2019, compared to the previous six months. These attacks shifted toward networked, cross-organizational, and cross-industry approaches.

SEE: Special report: Cybersecurity in an IoT and mobile world (free PDF) (TechRepublic)

Last year, some of the most popular cyberattack methods included malware, social engineering, software hacking, credential compromise, web attacks, and DDoS, according to Positive Technologies' previous Cybersecurity Threatscape Q2 2019 report

"Fraudsters are now adept at creating sophisticated fraud networks operating across organizations, industries and use cases," said Rebekah Moody, director of fraud and identity at LexisNexis Risk Solutions. "What we are really seeing is the establishment of cybercrime as an industry in its own right and, as it continues to evolve, I think we can expect to see this criminal enterprise mirror genuine businesses—the 'engineering department' develops the cutting edge attacks, while 'procurement' enlists money mules and 'finance' deals with money laundering."

LexisNexis Risk Solutions recorded 16.4 billion transactions, 277 million of which were human-initiated attacks, over the course of six months to determine how today's fraudsters were launching cyberattacks. The report identified the United States as the biggest attacker by volume globally. 

After tracking one fraudster across six different organizations and three industries, the report found an increase in networked cybercrime, as the attacker tried creating new accounts, initiating repeated login attempts, and making fraudulent payments. These attackers are no longer working in silos, but rather, across organizations and locations. 

Top threat vectors 

The report identified two key modes of attack for current fraudsters: Bot attacks and mobile app registration. 

1. Bot attacks

Fraudsters are using bot attacks to target new account creation transactions, in an attempt to test and build online identities for monetary gain. E-commerce were a major target, seeing a 305% increase in bot attacks on new account creations—specifically in online marketplaces, virtual gift card companies, and ridesharing sites. 

"Easy to deploy, these bot attacks are an effective method in which to test, validate or build synthetic identities," Moody said. "In the report we found that fraudsters are using these automated attacks for a myriad of purposes; in media, fraudsters are using bots to sign-up for mass new media accounts to take advantage of free trials and bonuses that can then be sold on for profit."

2. Mobile app registration

With everyone attached to their smartphones, mobile attacks have become a no-brainer for cybercriminals. Globally, attacks on mobile apps increased by 148%, with social media and gaming organizations as the main targets, the report found. 

"Fraudsters have observed how changing consumer behavior is bringing more and more transacting to mobile, rather than desktop," Moody said. "As fraudsters always go where the money is, we are seeing attacks shift to mobile, with fraudsters finding and exploiting key vulnerabilities in mobile browsers and apps."

As 5G gains ground in the coming years, attackers will have even more threat vectors to pursue, according to the report. 

How to stay protected 

Organizations must use a layered approach to cybersecurity if they want to remain protected, the report found. This solution requires high-level digital identity intelligence, physical identity, and authentication capabilities that help companies meet regulatory requirements, improve customer experience, and locate evolving fraud. 

"Unfortunately, single point solutions are just no match when facing the sophisticated networks of fraudsters which we are seeing today," Moody noted. "Businesses need a solution which can identify and detect when fraudsters are masking themselves as genuine customers, and the solution lies in a layered defense of fraud, identity and authentication capabilities. This defense cannot just be at the start, or the middle, or end of the customer journey – it needs to be across the entire customer experience."

For more, check out How to protect yourself and your organization against digital identity fraud on TechRepublic. 

Also see 

istock-958867880.jpg

NicoElNino, Getty Images/iStockphoto