Trend Micro Security Predictions for 2015 and Beyond: The Invisible Becomes Visible says that in 2015 there will be a rise of targeted attack campaigns across the Asia Pacific (APAC) region. Such attacks focus their efforts on infiltrating a specific organisation. This comes on the heels of 2014’s successful large-scale data breaches targeting victims around the world.
According to the report, targeted attack campaigns will be the norm rather than the exception. Noteworthy cases in the US and China show that targeted attacks have become the preferred means of intelligence gathering for cybercriminals. The motivations behind these campaigns include obtaining financial information, personal data, and top secret classified government data.
Trend Micro threat defense experts have already noted attacks against organisations in Vietnam and India, and recently in Malaysia and Indonesia. Attacks in other APAC countries can be expected. In particular, social media will increasingly be abused as infection vectors. Social media can be used to carry suspect links, and also to personalise the content used to dupe a user into visiting a malicious site or downloading malware.
Threat actors will also explore the viability of exploiting router vulnerabilities as a means of getting in to target networks.
Threat actors will also explore the viability of exploiting router vulnerabilities as a means of getting in to target networks.
“What we are seeing today is not a huge surprise. Cybercriminals have increased their velocity and the brutal measures they use to steal information,” said Dhanya Thakkar, Managing Director, Asia Pacific, Trend Micro. “Following the success of targeted attacks from Chinese and Russian cybercriminals, many attackers from other countries will regard cyber-attacks as a more practical method to grab a foothold in an organisation.”
Trend Micro Security Predictions for 2015 and Beyond: The Invisible Becomes Visible makes several predictions for 2015:
1. Targeted attacks will become as prevalent as cybercrime.
A security threat could focus on getting 'command and control' access, such as issuing a command to the hard disk to destroy itself, criminal purposes, hacktivism, espionage, or just destruction. Top secret government data, financial information, intellectual property (IP), and industry blueprints could be the targets, said David Siah, Singapore Country Manager, Trend Micro.
Siah likened network protection to Mentos, a popular candy with a hard exterior and a chewy interior. While enterprises invest in hardening the external perimeter, the network inside is still 'soft'. "If someone wants to get in, he will get in, and can do anything within the castle walls," he said.
Siah likened network protection to Mentos, a popular candy with a hard exterior and a chewy interior. While enterprises invest in hardening the external perimeter, the network inside is still 'soft'. "If someone wants to get in, he will get in, and can do anything within the castle walls," he said.
2. Increased cyber activity will translate to bigger, more successful hacking tools and attempts
"Today it's about whether you want to mine for gold or sell the prospecting tools," Siah commented.
3. More cybercriminals will turn to 'darknets', parts of the Internet which are so secret they cannot be found by Google, and exclusive-access forums to share and sell crimeware
Trend Micro experts also expect to see more cybercriminals turning to the Deep Web for the anonymous sharing of hacking tools and associated information. Evasive tactics like IP fencing keep cybercriminal identities safe, allowing cybercrime to thrive. Law enforcement agencies will largely feel the Deep Web’s impact since it will make it more difficult to hunt down cybercriminals. However, improved collaboration and intelligence sharing between the various security agencies will boost their efforts to combat cybercrime.
4. Exploit kits will target Android
The increased adoption of mobile devices will also increase the risk for mobile users. Android—the top mobile platform in APAC, making up an average of 71% of total impressions—has a fragmentation problem. This means the software version running on a user’s device is dictated by hardware vendor support. Cybercriminals can take advantage of this fragmentation problem by developing exploits for existing device vulnerabilities that have not yet been patched. This can be done easily using exploit kits similar to the infamous Blackhole Exploit Kit.
5. Technological diversity will save Internet of Everything (IoE)/Internet of Things (IoT) devices from mass attacks but the same won't be true for the data they process
The IoE and IoT could suffer more damage from targeted than mass attacks as the technologies across IoE and IoT are still too diverse. The data that processed through the IoE and IoT sensors, however, are not safe.Other predictions include:
- More severe online banking and other financially motivated threats will surface
- New mobile payment methods will introduce new threats
- We will see attempts to exploit vulnerabilities in open source apps
Today's data centres require specialised protection that is adapted for the unique features of virtualisation and the cloud, Siah added. As virtualised environments maintain different workloads change them on the fly, the security technology has to be aware of the context of the workload in order to protect it appropriately. "Virtualisation can create new servers and provision them very fast," he said. "The approach to security must be different."
No comments:
Post a Comment