Targeted Attacks and Malware Set to be Biggest Cyber Threats of 2015
Written by Mohamed Djenane, Security Specialist, ESET Middle East
2014 was a big year for the cyber security industry with shocking revelations emerging of data breaches of immense scale conducted against some of the largest and most prestigious global organizations. At the start of the year, ESET, the global leader in proactive digital protection, correctly laid emphasis on internet privacy, new assaults on the Android operating system and the new wave of high-tech malware in its predictions for the main threats that business and home users would face. Based on extensive research conducted through 2014 and the analysis of global and regional cyber trends, the company has now put together its predictions for the top IT security trends that will dominate headlines in 2015.
If there is one lesson IT security researchers have learned in recent years, it is that targeted attacks are an increasing trend. And 2015 won’t be an exception. Most commonly known as Advanced Persistent Threats (APTs), they differ from traditional cyber-attacks in target selection, duration of attack and stealth. In most of these attacks, there is a specific target, as opposed to traditional attacks that use any available corporate targets for their purposes. Secondly, these kinds of attacks try to stay unnoticed for longer periods of time. In this context, it is important to note that the attack vectors are predominantly social engineering attacks or zero-day exploits.
According to the APTnotes repository (https://github.com/kbandla/APTnotes), a site that collects APT attacks from various publicly available documents and notes, sorted by year, these kinds of attacks have grown over the past several years from 3 identified attacks in 2008 to 75 known attacks in 2014, with probably many others as yet undiscovered. These stats are based only on well-known public attacks, so it is reasonable to think that the growing trend they show is real; the actual number, however, should be bigger, taking into account attacks that never reach the public space for confidentiality reasons.
Ransomware and malware
Ransomware will be a key focus for malware developers and it will be a more relevant threat in the following years. During 2014, we saw big companies like Yahoo, Match or AOL get hit by ransomware, and ESET researchers also published an analysis of Android/Simplocker, the first Android file-encrypting, TOR-enabled ransomware. In December of 2014, in a panel discussion at Georgetown Law called “Cybercrime 2020: The Future of Online Crime and Investigations”, it was mentioned that “ransomware is the future of consumer cybercrime”.
Payment systems in the spotlight
In parallel with the growing use of online payment systems, cybercriminals’ interest in attacking them grows too. At this point, it is already obvious that cybercriminals will continue putting effort into payment systems as more money circulates on the web. On the other hand, point-of-sale (PoS) systems are still a current technology and malware authors are well aware of that. In mid-2014 ESET published a blog post on We Live Security about the worm Win32/BrutPOS, which tries to brute-force its way into PoS machines by trying a variety of (overused) passwords in order to log in via Remote Desktop Protocol (RDP).
There are other malware families for PoS, like JacksPos or Dexter, which could be the ones responsible for big attacks such as the one on Target, in which data from 40 million cards was stolen, or the one on Home Depot, in which 56 million cards were leaked. The Home Depot attack started in April and was not discovered until almost September, more than 5 months later, when the company announced the leak.
It is interesting to note that the BlackPOS source code was leaked in 2012, which will probably facilitate the creation of new variants of this threat, and these will increase over the next few years.
Internet of Things: Attacks on Things
There is no reason to think that new devices that are going to be connected to the Internet, storing more data and being useful for users, are not going to be a target for cybercrime. The Internet of Things trend will surely attract the interest of cybercriminals. During this year we have seen some evidence of this emerging trend, like attacks on cars shown at the Defcon conference using ECU devices or the Tesla car that was hacked to open doors while in motion, as discovered by Nitesh Dhanjani. Attacks and proofs of concept were shown on several Smart TVs, Boxee TV devices, biometric systems on smartphones, routers and also on Google Glass!
It should be noted, though, that the Internet of Things is an emerging space for cybercrime, so it will take a few more years until it is in common use. Nevertheless, this will be a trend not for its quantity but for its uniqueness and innovation.
These are only the most important things that ESET has identified as big trends for 2015 regarding malware and cyber-attacks. Of course there are other current trends like mobile attacks that will remain on the rise and much more information to be shared. Knowing what to expect can help organizations and users be more aware and thus better protected.