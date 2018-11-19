Cybersecurity is getting back in the hands of the humans, according to Sophos Principal Research Scientist and Security Expert Chester Wisniewski.

“We’re defending our networks better and so the criminals are having to move from automation to human operated attacks,” said Wisniewski. “Many businesses are just not prepared for that. In the past, the activity we saw out there was computerized bots. We call them ‘bot’, short for robot, but we saw a lot of activity that was all automated. That meant researchers like myself could take those things apart, figure out how they worked and build defenses against them.”

Hackers are picking their targets more carefully and looking for a bigger score when they do it.

“Ransomware has been one of the biggest problems facing companies the last couple of years,” said Wisniewski. “Now, that’s moving into sort of a targeted ransomware, we’re calling it. That’s again, because of that human operation. The criminals, rather than just hitting a few random computers on your network for a $500 ransom for you to pay to get them back, instead they’re sort of operating more like a traditional burglar.”

Wisnewski means that they are breaking in and ‘casing’ the network digitally before deciding what computers to attack.

“They’ll specifically target databases, file servers, high value assets that they think you’re more likely to pay up and pay quickly and demanding a lot more ransom,” said Wisnewski. “The one group we were tracking in 2018 was asking almost $50,000 ransom per victim. More than half the victims were paying.”

Wisnewski says be especially vigilant when you’re using a mobile device, because it’s much harder to tell a scam from a legitimate source when you’re looking at a small phone, as opposed to a laptop or desktop, as always, if it looks too good to be true, it probably is.