Barracuda Networks, a leading provider of cybersecurity solutions, has released its latest report on spear phishing trends in 2023. According to the report, spear phishing attacks have become increasingly sophisticated, with cybercriminals leveraging a range of tactics to trick victims into divulging sensitive information or downloading malware.
One of the latest trends in spear phishing is the use of low-complexity exploits to expand botnets in IoT devices. This is exemplified by the Mirai malware, which has been updated with new features and is now capable of infecting a wider range of devices. Mirai malware is often used to launch large-scale distributed denial-of-service (DDoS) attacks.
Another trend highlighted in the report is the use of tailored reconnaissance tools by state-sponsored groups like Kimsuky. These tools are designed to gather intelligence on a specific target, such as a government agency or a research institution, and can include custom malware and social engineering techniques.
CosmicEnergy, a new type of OT and ICS malware believed to originate from Russia, may also be used for red teaming. This involves testing an organization’s cybersecurity defenses by launching simulated attacks. CosmicEnergy is particularly concerning because it targets critical infrastructure systems, such as those used to control power grids and transportation networks.
The report also notes that Legion malware, which was first discovered in 2021, has been upgraded for the cloud. This means that it can now be used to target cloud-based applications and services, which are becoming increasingly popular in the business world.
In addition, the report warns of a new ransomware group called Blacktail, which is using recycled ransomware to encrypt victims’ data and demand payments. As with many ransomware attacks, the group may have gained access to victims’ systems through a phishing email or other social engineering tactic.
Finally, the report highlights the quiet but persistent activity of GoldenJackal, an advanced persistent threat (APT) group that has been active since at least 2019. APT groups like GoldenJackal are typically state-sponsored and have the resources and expertise needed to carry out complex attacks over extended periods of time.
Overall, the report emphasizes the need for organizations to remain vigilant against the constantly evolving threat of spear phishing. This includes training employees to identify and report suspicious emails, implementing multi-factor authentication and other security measures, and keeping software and security systems up to date. With cybercriminals becoming increasingly sophisticated, it will take a concerted effort to stay one step ahead of them.