Fileless: Evasive Intrusion Tactics Pose Challenge for Network Defense

Fileless: Evasive Intrusion Tactics Pose Challenge for Network Defense

The NJCCIC assesses with high confidence that fileless and “non-malware” intrusion tactics pose high risk to organizations, both public and private, and will be increasingly employed by capable threat actors intent on stealing data or establishing persistence on networks to support ongoing espionage objectives or to enable future acts of sabotage.

Ransomware: Poised to Cause More Disturbance, Losses in 2017

Ransomware: Poised to Cause More Disturbance, Losses in 2017

The NJCCIC assesses with high confidence that ransomware extortion incidents will likely result in greater operational disruptions, permanent data loss, and higher financial payouts in 2017, as profit-motivated cybercriminals increasingly seek higher profile targets—with more critical data and time-sensitive operations—raising the likelihood of larger ransom payments. 

Healthcare: Cyber Risk Continues to Climb, Industry Slow to Act

Healthcare: Cyber Risk Continues to Climb, Industry Slow to Act

The NJCCIC assesses with high confidence the cyber threat and overall risk to the healthcare industry is high and increasing. In contrast to the large insurance breaches of 2015, assessed to be the work of Chinese threat actors conducting industrial espionage to support their largely state-run healthcare industry, profit-motivated hackers pose the greatest threat to the majority of healthcare organizations today.

Payment Cards: Threat Remains High Despite Chip Card Transition

Payment Cards: Threat Remains High Despite Chip Card Transition

The NJCCIC assesses with high confidence that financially motivated cyber threats targeting American consumers’ payment cards will remain high until the vast majority of point-of-sale (PoS) terminals in the United States are updated and certified to complete Europay, MasterCard, and Visa (EMV) transactions, as well as mobile payments.

Dark Web: Illicit Activity Thriving on the Underground Internet

Dark Web: Illicit Activity Thriving on the Underground Internet

The NJCCIC assesses with high confidence that a broad range of criminals, malicious hackers, and violent extremists will increasingly utilize the dark web—the underground Internet only accessible via special software that maintains the anonymity of users—to facilitate illicit activity, which will present threats to public safety as threat actors can securely communicate, conspire, and acquire materials or know-how.

Extortion: Profit-Motivated Cyber Tactics on the Rise

Extortion: Profit-Motivated Cyber Tactics on the Rise

The NJCCIC assesses with high confidence that profit-motivated cyber extortion schemes such as ransomware and ransom-demanding distributed denial of service (DDoS) threats are likely to persist as effective and lucrative criminal tactics into 2016, with cumulative US losses likely to continue climbing into the hundreds of millions of dollars.

Cross-Site Scripting: Many Websites Remain Vulnerable to Common Web Exploit

Cross-Site Scripting: Many Websites Remain Vulnerable to Common Web Exploit

The NJCCIC assesses with moderate confidence that many websites remain at high risk of cross-site scripting (XSS), one of the most commonly exploited web application security vulnerabilities. XSS is a code injection tactic–similar to SQL injection–in which a hacker inputs malicious code into a legitimate web application or website that is then executed in a user’s web browser, often to compromise user credentials or take control of the user’s session.

Mobile: Android Operating System Increasingly at Risk

Mobile: Android Operating System Increasingly at Risk

The NJCCIC assesses with high confidence that vulnerabilities, exploits, and malware variants targeting the Android operating system (OS) will continue to proliferate as Android maintains a majority share of the global mobile device market and users increasingly rely on mobile devices for email, web browsing, banking, and shopping – both for professional and personal use.

Oil and Gas: Industry Among Sectors with Highest Cyber Risk

Oil and Gas: Industry Among Sectors with Highest Cyber Risk

The NJCCIC assesses with high confidence the cyber risk to the oil and gas industry is high and the energy sector at large is a priority target of foreign intelligence services. While state-sponsored groups have demonstrated the capability to launch cyberattacks that cause physical damage to energy infrastructure, New Jersey’s energy sector is most likely to face reconnaissance and intelligence collection activities aimed at exfiltrating data and establishing persistence on high-value networks, for potential use in future sabotage operations.

Exploit Kits: A Prevailing Vector for Malware Distribution

Exploit Kits: A Prevailing Vector for Malware Distribution

Although the overall number of new and active EKs has decreased from a peak in 2012-2013, the NJCCIC assesses EK infections will continue to increase throughout 2015 as malicious actors capitalize on the window of opportunity between when vulnerabilities are discovered and software patches are released and implemented.