Trend Micro has found that major misconceptions still exist around security. Many companies still believe that they are unlikely to be targeted, or that trusted environments are safe. A survey by Trend Micro found that 35% of companies in APAC are sure they have escaped attacks, whereas more than a quarter (26%) actually said they do not know. The remainder either suspect, or know that they suffered breaches.
The reality is that more threats were detected and blocked in Singapore over Q3 2014 than in Q2 2014. David Siah, Singapore Country Manager for Trend Micro, said that in Q3, more than 7 million attempts were made by Singapore-based users to access malicious websites, with 611,000 attempts trying to get to malicious URLs hosted in the country.
Siah highlighted that common malware like WORM_DOWNAD.AD, codenamed 'Conficker', is still making it to the top 10 in Singapore, implying that Singapore users are not updating their systems regularly, or are using an operating system that is no longer supported by Microsoft, such as Windows XP. "We have seen through our sensors many targets... under the control of a malicious threat actor," he said.
A vulnerability termed CVE-2012-0158 is a favourite means of attack, followed by CVE-2010-0188. The first was discovered in 2012, and the second in 2010, Siah added, showing that victims have not patched their systems against them since 2012 and 2010 respectively.
Microsoft Office accounts for 53% of targeted attacks, and another 46% are through Adobe Reader. "We live so much with documents today. If there is an attachment I might just click on it, it could present itself as a legitimate document that talks about my work, or a report about the industry that I'm very interested in," noted Siah. "If we live with unpatched vulnerabilities in our systems, we are subject to threats like this."
Lax user practices help the online cybercriminal community, and well-known malware like Zeus is offered free to that community. It may seem that updating systems regularly will be enough protection, but Siah said such updates depend on bugs being publicly announced by others, after which 'signatures' can be created to detect them. This leaves a window of opportunity between the announcement of the bug and the availability of the patch for cybercriminals to target users.
In addition, known vulnerabilities are just the tip of the iceberg. Existing bugs like Shellshock were only announced after decades, while malware can mutate to the point where it is essentially signature-less. "Traditional cybersecurity defences cannot detect such signatureless threats," Siah warned. "Exploiting a vulnerability will be as easy as creating an app."
It is a global problem, even if targeted attacks used to be associated only with countries like the US or Russia, Siah further said. Trend Micro is aware of gangs in Brazil and China, and while the cybercriminals may base their operations in one country, they could be connected by the Internet to anywhere else in the world.
Siah shared that Trend Micro sensors have found that attacks in APAC range across Taiwan, Japan, Indonesia, mainland China, Malaysia, the Philippines and Bangladesh, with Singapore being a relatively minor target. "If a US company has a Taiwan subsidiary, the attackers could go to the subsidiary and once they have gained control of the Taiwan servers they could then jump internally from country to country till they reach the main HQ," Siah pointed out.
Read the blog post about Trend Micro's predictions for 2015 here and about its new Custom Defence-as-a-Service here.