Attackers are increasing the number of backdoor attacks they use to spread malware and ransomware, showing that organisations cannot put any trust in anyone to protect their endpoints and identities.
According to IBM's Security X-force Threat Intelligence Index 2023, hackers are prioritising these backdoor assaults in their efforts to blackmail downstream victims whose data has been hacked. The effort to breach a backdoor was the beginning of 21% of all intrusion attacks. A ransomware component was present in two-thirds of backdoor attempts.
The X-Force Intelligence team at IBM also found that backdoor attacks increased significantly in February and March of last year, as shown by a notable uptick in Emotet malware instances. In 2022, the increase was so large that it was responsible for 47% of all backdoor penetration attempts worldwide.
“While extortion has mostly been associated with ransomware, extortion campaigns have also included a variety of other methods to apply pressure on their targets,” stated Chris Caridi, cyber threat analyst for IBM security threat intelligence. “And these include things like DDoS attacks, encrypting data, and more recently, some double and triple extortion threats combining several of the previously seen elements.”
Businesses that rely on perimeter-based protection are being out-innovated by ransomware attackers. The average time to launch a ransomware assault has been cut in half over the past two years by 94%. In just under four days in 2021, ransomware attackers were able to complete what took them two months in 2019.
Backdoor attack industry, a lucrative field
On the dark web, one of the most valuable and expensive assets for sale is backdoor access to an organization's infrastructure.
Access brokers continue to build a robust industry selling mass stolen names and credentials to ransomware attackers, according to CrowdStrike's 2023 Global Threat Report. Government, financial services, industrial, and engineering organisations had the highest average access request prices, according to the highly recognised intelligence team at CrowdStrike.
While access to the government sector cost an average of $6,151, it cost an average of $3,827 to access the academic sector.
In the 2023 index, the IBM team writes, "first access brokers often attempt to auction their accesses, with X-Force having seen prices at $5,000 to $10,000, while final pricing may be less. Accesses have been known to sell for $2,000 to $4,000 in some cases, even reaching $50,000.
Mitigation Tips
Employ antivirus: Use sophisticated antivirus software that is able to recognise and stop a variety of viruses, including as trojans, cryptojackers, spyware, and rootkits. Before they can infect your computer, an antivirus will find and remove backdoor malware. To make sure you're as safe as possible online, good antivirus software like Norton 360 also contains technologies like Wi-Fi monitoring, a powerful firewall, web protection, and microphone and camera privacy monitoring.
Use firewall: Firewalls, which keep an eye on all of your device's incoming and outgoing traffic, are crucial for anti-backdoor protection. The firewall will prevent unauthorised users from accessing your smartphone, and it will also stop any apps on your device that attempt to send data to an unidentified network location.
Even after your device's malware detection has been tricked, advanced firewalls can find unauthorised backdoor communication. Although the built-in firewalls on Windows and macOS are both fairly good, they are insufficient. There are a few antivirus software packages that have effective firewalls (McAfee has great network safeguards), and you might also think about getting a smart firewall, which is a real-world hardware item that you attach to your router.
Use a good password manager: Password managers create, store, and even let you automatically log into all of your accounts' login credentials. Using 256-bit AES encryption, all of this data is safely secured and protected by a master password. The security of your password vault can even be increased by employing biometric login or 2FA technologies like TOTP generators and USB tokens, according to advanced password managers like Dashlane. Password managers make it far more difficult for hackers to break into your network or spread throughout your network in the case that a backdoor is placed on your system since they create random, complex passwords.
