When it comes to threats from the dark web, the U.S. is a
prime target.
A new report by threat intelligence company SOCRadar found that more than four out of five
(82%) threats from the dark web aimed at North America targeted the United
States over the last 12 months. “The high percentage in the United States
suggests a larger digital footprint and more attractive targets,” the report
noted.
The 26-page report also found that Uncle Sam is a popular target
for ransomware extortionists, with 88% of those attacks aimed at U.S.-based
organizations. “High-value businesses, extensive digital networks, and larger
financial opportunities likely attract attackers to the U.S. market,” it
reasoned.
While Canada (9.7%) and Mexico (1.8%) were targeted
substantially less, the report warned, “All countries must stay vigilant and
actively strengthen cybersecurity defenses against ransomware threats.”
Grant Leonard, field CISO for Lumifi Cyber, a managed detection and response services
company in Scottsdale, Ariz., explained that the U.S. is a sophisticated,
tech-savvy nation with many millions of users online, sharing and doing
business in a way that makes them targets for criminals.
Companies in the U.S. may also be more willing to pay off
ransomware artists than those in other countries. “The reality is there are
many targets who have some form of insurance and are willing to pay money to
continue to do business,” he told TechNewsWorld.
“Sadly, many U.S.-based organizations still pay ransoms,”
added Damon Small, a board member of Xcape, a penetration testing, incident response, and
managed IT services company in Los Angeles.
“The U.S. may soon follow other countries by introducing
regulations prohibiting this and also requiring a more robust security
infrastructure,” he told TechNewsWorld. “Ironically, we see some of this being
driven by insurance companies requiring such infrastructure when underwriting
cyber policies.”
Targeting Success
The U.S. has a robust financial infrastructure that also
makes it attractive to cyber shakedown players. “Connectivity between crypto
wallets and fiat currency makes it faster and more efficient for threat actors
to monetize their efforts,” said Jason Hogg, executive chairman of Cypfer, a global cybersecurity firm specializing in
incident response, ransomware recovery, digital forensics, and cyber risk
management.
“This is exacerbated by two major factors,” he told
TechNewsWorld. “First, the concentration of large and lucrative companies in
the U.S. Second, the size and scale of the companies, from both an employee and
consumer base, require large and complex infrastructures, resulting in greater
entry or access points due to the advanced connectivity of mobile and digital
interfaces to support their operation and commerce.”
“Further, the regulatory pressure and reputation risk
exposure incentivize payment of ransom for faster resolution,” he added.
The greatest strength of the U.S. has become its Achilles’
heel in cyberspace, maintained John Wilson, a senior fellow for threat research
at Fortra, a cybersecurity services company in Eden
Prairie, Minn.
“The USA innovates faster, adopts quicker and scales bigger
than anyone else — which is exactly why the USA is getting hammered by every
hacker from around the world,” he told TechNewsWorld.
“Success in the digital age apparently comes with an
‘increased exposure surface’ sign attached,” he added.
HTTPS Deception
Another area of distinction for the U.S. is phishing. It has
the highest share of phishing attacks at more than 61%. That contrasts with
Canada, at around 38%, and Mexico, with a minuscule 0.41%.
SOCRadar’s researchers also found that a large portion of
phishing sites use the HTTPS protocol (71.1%) compared to those using HTTP
(28.9%). “This may seem surprising, as HTTPS is often linked with secure
websites,” the report noted. “However, attackers now use HTTPS to trick users
into thinking a site is safe. The padlock icon in browsers can give a false
sense of trust.”
It added that users should not rely only on HTTPS to judge a
website’s safety, and that businesses should educate staff and customers to
look beyond the padlock and check for signs of phishing.
“In the U.S., phishing attacks are becoming increasingly more
targeted, using highly tailored campaigns driven by social engineering and
AI-enhanced data scraping,” said Darren Guccione, CEO of Keeper Security, a password management and online
storage company in Chicago.
“Phishing-as-a-service platforms are driving this by offering
fast deployment of campaigns, further lowering the barrier of entry for
cybercriminals,” he told TechNewsWorld. “These cybercriminals are not only
relying on stolen credentials but also on social manipulation to breach
identity protections.”
“Deepfake videos are a specific concern in this area,” he
continued, “as AI models make these attack methods faster, cheaper, and more
substantial. As attackers grow more sophisticated, the need for more robust,
dynamic identity verification methods — such as MFA and biometrics — will be imperative to defend
against these increasingly nuanced threats.”
High Cost of Weak Data Protection
Cypfer’s Hogg maintained that as threat actors continue to
implement and scale their own AI capabilities, attacks using social engineering
will continue to accelerate the number of breach occurrences. “This emphasizes
the need for individuals to be alert and careful with the information they put
out in the public domain through social media and other publicly accessible
platforms,” he said
As long as U.S. companies consider cybersecurity to be a cost
center rather than a necessary part of protecting their information assets, we
will continue playing leapfrog with adversaries trying to steal those assets,
added Xcape’s Small.
“Information has very real value and criminals know how to
monetize their activities,” he said. According to the report, more than half
(58.4%) of all threat activity involved the sale of stolen data, tools, or
services. “Companies need to spend time understanding the value of their
information assets so that they can prioritize which to protect and how much to
spend protecting them,” Small advised.
“Traditional security approaches of updating defenses to
combat general threat tactics, not just in North America, but around the world,
are no longer sufficient to protect sensitive information and systems,” added
John Watters, CEO and managing partner at iCounter, a cyber risk intelligence provider in Dallas.
“To effectively defend against AI-driven rapid developments
in targeted attacks,” he told TechNewsWorld, “organizations need more than mere
actionable intelligence — they need AI-powered analysis of attack innovations
and insights into their own specific weaknesses that can be exploited by
external parties.”
0 Comments