Symantec / Director of Government Affairs APJ
The cybercrime threat landscape
2019.05.22 14:30 ~ 15:00
Brian Fletcher is the Director of Government Affairs APJ, focusing on Australia-Pacific, Singapore, Japan and Korea. Based in Singapore, he leads the engagement with governments and stakeholders on public policy and provides expert advice on cybercrime and privacy issues. He also supports public-private partnerships to benefit consumers, industry partners and governments across the region.
Brian is an experienced technology executive who joined us after 21 years of Australian Government service, the last 8.5 years in the Australian Signals Directorate in the Department of Defence. His previous role was as Director of Cyber Security Relationships, where he led the development of cyber security partnerships with industry and federal, state, and territory governments.
Prior to that he served in the Australian Embassy in Washington, DC where he provided advice to the Ambassador and Defence staff on strategic cyber security and intelligence issues, and partnered with senior foreign government leadership, including heads of agencies. Other positions held include leading production, outreach, policy, and business technology change initiatives.
An experienced speaker at conferences, Brian is adept at explaining complex technological concepts and ideas to non-technical and technical experts alike. He holds a Bachelor of Science in Neuroscience, Graduate Certificates in Scientific Communications and Management and an MBA. He is a certified privacy professional (CIPP/E) and has completed executive coursework at Harvard Kennedy School of Government and the Australian National University, where he served as an Associate Lecturer.
The cybercrime threat landscape continues to evolve as cybercriminals react to law enforcement, security industry and market responses to their activities. 2018 has been no different. Mr Fletcher will provide an overview of the threat landscape, including insights into global threat activity, cybercriminal trends, and motivations for attackers using both global and Korean data. The presentation is based on data from Symantec’s Global Intelligence Network.
This year sawㅁ a reduction in the use of ransomware and cryptojacking by cybercriminals due to diminishing returns and a move towards other methods to continue to make money.
‘Formjacking’ became the technique of choice for financial crime. Formjacking attacks are simple – essentially virtual ATM skimming – where cyber criminals inject malicious code into retailers’ websites to steal shoppers’ payment card details. On average, more than 4,800 unique websites are compromised with formjacking code every month, with nearly a third of all detections occurring during the busiest online shopping period of the year – November and December.
By conservative estimates, cybercriminals may have collected tens of millions of dollars last year, stealing consumers’ financial and personal information through credit card fraud and sales on the dark web. Just 10 credit cards stolen from each compromised website could result in a yield of up to $2.2M each month, with a single credit card fetching up to $45 in the underground selling forums. With more than 380,000 credit cards stolen, the British Airways attack alone may have allowed criminals to net more than $17 million.
While the volume of Internet of Things (IoT) attacks remains high and consistent with 2017 levels, the profile of IoT attacks is changing dramatically. Although routers and connected cameras make up the largest percentage of infected devices (90 percent), almost every IoT device has been proven vulnerable, with everything from smart light bulbs to voice assistants creating additional entry points for attackers.
Other trends for 2018 include:
* Nearly one in ten targeted attack groups now use malware to destroy and disrupt business operations; up 25 percent compared to 2017
* Attackers enhance tried-and-tested tactics including spear-phishing, hijacking legitimate tools, and malicious email attachments
*Enterprise ransomware infections jump by 12 percent
*Cloud resources are increasingly easy targets for digital thieves with more than 70 million records stolen or leaked from poorly configured S3 public cloud storage buckets
* More attackers display interest in compromising operational and industrial control systems with the potential for sabotage