Kevin Gosschalk, founder and CEO at Arkose Labs, and other security industry leaders, see the recent rash of cybersecurity attacks as more opportunistic than sophisticated. In an interview with The Green Sheet, Gosschalk suggested consumers and business owners give too much credit to fraudsters, whom he described as low-level operatives.
“Criminals are bulk-creating accounts to purchase expensive items, which they ship to themselves and resell at a markup,” Gosschalk said. “To get the best return on investment, they automate the process with software and scripts to do this 10,000 times an hour, as opposed to doing it by hand.”
Automation themes are further explored in “The Ultimate Guide to Bot Prevention: Eliminating Fraud and Automated Abuse on Web, Mobile and API Traffic,” a whitepaper published by Arkose Labs in July 2020. In the paper, researchers depict fraudsters as average people who “get up each day to perform a job.”
Widescale attacks
While a majority of cybercriminals treat automated attacks as a numbers game, the prevalence of malicious bot activities indicates that businesses and service providers are not yet winning the battle, according to Arkose Labs’ findings.
“Many bots are effective due to sheer volume; only a fraction of them need to be successful for the fraudster to make money,” researchers wrote. “These types of attacks are carried out by generally unsophisticated, simple programs.”
Researchers pointed out that much of the low-value, high-volume activity is designed to be executed at scale to drive profit with a few successful hits. Attack methods may include spam campaigns that only require a few clicks on malicious links to derive a profit.
Rinse and repeat
Matt Keil, director of product marketing at Cequence Security, identified a new Linux malware that targets Docker APIs and plants new servers inside private cloud-based infrastructures. “This is truly ridiculous,” Keil said. “History continues to repeat itself as app dev moves towards agile, container-based and API-centric development methodologies. Whether it is Docker as in this case, an S3 bucket, or a database, every week we see the same mistakes made, exposing data to the world.”
Keil advised consumers to “vote with their feet” by refusing to do business with any company that repeatedly makes the same errors. “We need a wake-up call,” he stated. “The problem seems to be getting worse, and it’s making the lives of security professionals around the world more difficult, not better.”
A full copy of the Arkose Labs whitepaper is available online.
Please read the original article, here.
