As the fears of a new covid variant begin to set in malware developers can be expected to align with the new level of confusion and anxiety this might cause. More importantly, with the rising fears about the Omicron variant, we expect newly opened supply chains to be targeted by malware developers, hackers, and APT groups. Our previous advisory for December 2021 now stands canceled as we are evaluating the impact of this development on cyberspace.
Hackers will get another chance to exploit previously identified but unreported vulnerabilities in IT, IoT and OT devices. In the last week (week ending November 27th), our global honeypots across 45 cities registered a decline in cyberattacks while 15 reported a steep rise and 12 reported stagnant levels of cyberattacks. This is a very suspicious trend for this year and a sign for things to come in December.
Most of the honeypots that reported a rise in cyberattacks were based in North America (US to be more specific). These are attacks linked to the Thanksgiving holiday when most employees are on a vacation or taking a break. Hackers even check for out-of-office replies coming from cybersecurity teams to plan and sequence their next attack.
Phishing campaigns, fraudulent websites, and messages promising the best deals are an immediate call to stay vigilant as they come with surprises that include malicious links with capabilities of compromising your device without being detected and moving laterally to infect the rest of the network. Such attacks are at an all-time high.
We at Sectrio urge all to be vigilant as the year comes to an end.
Weekly advisory
Segments under this list must be on high alert in the coming weeks:
- Healthcare
- Oil and gas
- Manufacturing
- Water and water treatment
- Utility entities
- Cryptocurrencies
- Government
- Maritime agencies
- Financial services