Hackers increasingly adjust their attacks to the behavior of users. Several Trojans in the past year demonstrated that hackers carry out detailed analyses of their targets. This means that the focus of cyber attacks no longer is on the software or the operating system but rather that the user is being searched for possible security vulnerabilities. The strategy was implemented for the first time in 2016 after respective tendencies had already been observed in the previous year. Specifically targeting user behavior has now become established.
More and more Trojans have been optimized in such a manner that spam detection becomes increasingly difficult: in December last year almost all registered cyber attacks already relied on a click by the user. This marks a departure from the previous approach of automatically infecting the computer with the Trojan. The style of deception has also seen visible changes: emails with infected attachments are often personalized, making it harder to identify them as automatically generated email with malware. In addition the emails often take office hours into account and are written in the respective national language. And cyber criminals also use marketing knowledge to reach their goals: phishing campaigns increasingly reach their victims on Tuesdays, Wednesdays and Thursdays, blackmailing campaigns mainly on Tuesdays and Thursdays, due to the higher click rates on these days. Looking at the time of the day, noon is the peak hour for sending infected emails.
More often than technology, it is the user that leads to an infection with a Trojan. Wannacry made this fact visible. It was able to cause large amounts of damage, as many Windows users had not installed the security patch that had already been available for months. Many companies were among the victims as well, revealing the fact that they had not properly maintained their operating systems. And many private consumers use utterly outdated operating systems for which security updates are no longer available. The negligence of private consumers and companies alike shows that they are often not aware of the security risks and possible consequences. This awareness radically changes once the monthly financial statement or the pictures of the last vacation are encrypted.