Today, networks are much more complex than ever. Fake emails from well-known senders pretend security. Once the attack has started, there are hardly any other options besides a complete shutdown.
Intelligent network monitoring therefore presupposes that the signature of known threats is not only searched. Rather, each network has a fingerprint of daily use, shaped by the procedures and processes of the usual workflow. Encryption measures, such as those carried out by ransomware, do not match this fingerprint and can therefore be recognized and must be isolated immediately. Control routines can be used to automatically achieve a high level of security – everything that does not match the usual fingerprint is usually due to an intruder from outside or even inside.
E-Mail Inbox Risk
With this intelligent method, completely new risks can be quickly exposed. Much of the current new infections go through the email inbox. To do this, several thousand compromised email accounts are misused by companies and private users. In addition to some small and medium-sized companies, it has also hit city administrations in the past few days.
Possible attack options include changes to messages sent by other people or manipulation of WhatsApp groups. Millions of WhatsApp users worldwide are affected. In WhatsApp groups in particular, there are numerous scam opportunities. It is estimated that there are currently more than a billion groups. Around 70 billion WhatsApp messages are sent every day. Experts found the vulnerability through WhatsApp Web and were able to spy on encryption details. The researchers were able to carry out the exploits mentioned by extending the protocol used. Although the attack started via WhatsApp Web, the platform used is not a factor for the victims. The users of the mobile app are also affected.