INTELLIGENT BRANDS // Enterprise Security
Most security vendors have ample data on which of their customers were targeted and how those attacks were launched.
The majority of the victims were located in the Middle East and Asia, with a smaller subset in Europe and North America. All of the victims ran Microsoft Windows operating systems, many of which contained traditional endpoint antivirus solutions. Additionally, several of these systems were observed to contain timecard, billing and inventory software.
The victim organisations also ranged in size from small to medium-sized businesses with both local and global footprints. However, while Nigerian actors focus their malware efforts against targets they believe to be profitable, this activity is sometimes indiscriminate and can result in significant secondary impacts to the international community.
While next-generation security solutions are highly effective at identifying Nigerian cybercriminal activity, traditional antivirus solutions are far less successful. An analysis of over 8,400 malware hashes submitted to VirusTotal showed an average identification rate of only 52 % across vendors. This presents challenges to businesses worldwide that rely on legacy endpoint products alone to protect their employees when traveling outside the more sophisticated protections corporate networks typically provide. three generic categories: self-named, fake organisations, and impersonation of legitimate organisations.
The ability to provide accurate metrics for the victims of these attacks presents a unique challenge for cybersecurity analysts. This information is clearly valuable, as it supports the capability to quantify the level of success being achieved by Nigerian actors. However, the issue lies in distinguishing between individuals and organisations that were targets of these attacks, as compared with the organisational systems that were actually compromised by the malware.
Finally, these attacks have matured. Businesses have become the primary focus of Nigerian cybercrime, and the losses have already proven to be substantial. Proof of an individual actor’ s ability to steal $ 60 million, as well as evidence that groups using these techniques have been successful at stealing $ 3 – 6 million annually, should be considered a measure of their criminal competence.
Because of these traits, it is assessed that Nigerian actors have demonstrated a clear growth in size, scope, complexity and capability over the past two years, and as a direct result, they should now be regarded as a formidable threat to businesses worldwide. www. intelligentcio. com INTELLIGENTCIO
45