October 31, 2019

“I heard one cry in the night, and I heard one laugh afterwards. If I cannot forget that, I shall not be able to sleep again.” from Count Magnus by M.R. James

Are you the type of person who switches the lights off when the kids come-a-knocking at Halloween? Or, do you have your tin of sweets beside the door, in readiness when you see their eager little faces? In other words, are you a person who prepares for Halloween?

Halloween can be a fun-time. Our kids, and sometimes, ourselves, dress up in crazy costumes as ghosts and ghouls to celebrate All Hallows’ Day. Dressing up for Halloween is in many ways how cybercriminals operate. These faceless ghouls who can ruin our businesses and lives, haunt our networks with their fileless malware – invisible to many security tools. Like Halloween, we should prepare ourselves for the ghostly manifestations of the cybercriminal coven.

To help, we have gathered here today, some stories of cybercrime that remind us of Halloween in their scary, spooky, and ghostly ways. By knowing what the cyber-ghouls get up to, we can use our magic wand of knowledge to make them go ‘poof’ and disappear.

A Spooky Story of Cybercrime

Do ghosts exist? In the world of cybercrime, they seem to. Cybercriminals like to work by stealth, here is the ghostly way of the threat that won’t go away:

The Advanced Persistent Threat (APT) or Halloween version – Maledictive Presence, uses every trick in the cybercriminals Halloween goodie bag. Starting with surveillance on the chosen target, they learn all they can to get into a system. Next comes spear-phishing or other methods like an infected website (Watering Hole). This provides the means to infect a computer with malware. The malware is often controlled by an outside force (cybercriminal) eventually executing across the network to locate your corporate booty (data). Like a ghost, the APT can be a slow haunting presence that sucks the life (or data) out of a company.

An APT is the Halloween gift that keeps on giving. Research has found that 64% of companies are attacked within 2 years of the first attack. Malware infection can be a persistent threat, the best course of action is not an exorcism, but to not get infected in the first place.

Abandon Hope All Ye Who Enter Here

It was a dark night and the mists rolled in covering the graves like a dance of death. But seriously, account takeover is a big problem. Account takeover is a type of identity theft, like the Death Eaters in Harry Potter, cybercriminals come and take your digital life.

Because of all the data thefts of recent years, one of the easiest ways to perform an account takeover is to drop into the darknet and buy yourself some stolen login credentials. The average number of online accounts we each have is 150. Many of us use the same login credentials to access many of those accounts. Who wouldn’t? Remembering all those passwords would be a Nightmare on Elm Street. Akamai found that around 30 billion attempts were made to reuse stolen credentials in 2018. They also reported that in February 2019, 620 million usernames and passwords, were put up for sale on the darknet.

The Ghost of Christmas Yet to Come

“It was shrouded in a deep black garment, which concealed its head, its face, its form, and left nothing of it visible save one outstretched hand. […] It thrilled [Scrooge] with a vague uncertain horror, to know that behind the mask there were eyes staring at him.”

The spectre of future crimes is always lurking. New technologies like Artificial Intelligence are opening up new opportunities for cybercrime. The latest deepfake-based CEO fraud is a portent of things to come. Although not yet fully confirmed as truly being executed via a fake voice, the CEO in question was duped into handing over around £200,000 to a cybercriminal who pretended to be the boss of the parent company. Technology is an ever-evolving game, and this has created an arms war between the cybercriminals and business. The only way to win the war is to be ever vigilant.


Imagine a world inhabited by the undead? This is not too far from the truth if you are a computer. An attack that turns Windows machines into Zombies is coming to a company laptop near you. Microsoft has discovered a new malware type nicknamed Nodersok. The malware turns your PC into a zombie, controlled by a cybercriminal. The machine becomes an undead slave, and its fileless attack mode means it lives, like a ghost in the machine, sucking the life out of your data and your computer.

A Final Bedtime Halloween Story

What a cybercriminal can do to our identity, our businesses, our reputation, makes your skin creep. Being prepared for Halloween, either by hiding behind the curtains or having your sweet tin filled to the brim, is like being prepared for cybercrime. Security awareness training is a way to fill your sweet tin and prepare for the onslaught of modern cybercrime. The difference, Halloween sweets are loved by kids, but cybersecurity awareness is hated by cybercriminals.  Modern cyber-attacks are like ghosts, they could be there but not seen. Psychics don’t work in computing, but knowledge does.

To arm your staff with the digital equivalent of garlic and a cross, you have to teach them how to spot the tell-tale signs of scams and phishing. You also have to give them the weapons of know-how. What is a robust password, what is the point of a clean desk, and so on. When dealing with the deadly spectre of cybercrime, the best weapon is to know thy enemy.

“I’d dearly like to meet you Count Magnus.” Says Mr, Wraxall in the story of Count Magnus by M.R. James. The sarcophagus then beings to open…

Let’s keep that sarcophagus shut by staying cyber-safe and security aware.


Share this: