Ever-larger security breaches from well-known names
 |
| Source: Veritas. Rajendran. |
Hugh Thompson, Symantec CTO and Steve Trilling, Senior VP and GM Security Analytics and Research at Symantec highlighted that threat activity had 'accelerated' in 2018. "Beyond all-too-common corporate attacks, 2018 saw accelerated threat activity across a diverse range of targets and victims," they said.
"A growing assortment of nation-states used cyber probes and attacks to access everything from corporate secrets to sensitive government and infrastructure systems."
 |
| Source: Malwarebytes. Hurmuses. |
“AI is enabling predictability and will play a key role in data protection in 2019 and in the future. As businesses are continuing to adopt more complex IT environments, such as hyperconverged infrastructures and other modern workloads, data protection will also need to adapt. AI consistently learns from the system as these dynamic IT environments adapt and change,” said Ravi Rajendran, MD, Asia South Region, Veritas Technologies.
“With regulations such as General Data Protection Regulation (GDPR) guaranteeing data protection for users at a business’s expense, it is becoming increasingly important to keep data under lock and key.”
“In Singapore, the Personal Data Protection Commission (PDPC) has recognised the benefits of AI and is also taking strides to ensure that both businesses and the public are well educated about the AI value chain (developers, businesses and consumers). On top of this, they have also developed an AI governance framework which will consider important issues in the commercial deployment and adoption of AI in Singapore. Proactive strategies to avoid the repercussions of even a moment of downtime will be critical for businesses in 2019 that need to provide round-the-clock data support,” he said.
Data-in-transit compromises
 |
| Source: Symantec. Trilling. |
“Such 'form-jacking' attacks have recently impacted the websites of numerous global companies. In another attack targeting enterprise data in transit, the VPNFilter malware also infected a range of routers and network-attached storage devices, allowing it to steal credentials, alter network traffic, decrypt data, and serve a launch point for other malicious activities inside targeted organisations,” Thompson and Trilling said.
Invisible infections
Malwarebytes says new infection methods designed to avoid detection and maintain persistence have resulted in a whole new category of attacks which it calls 'under the radar' malware. This is a group of threats that is growing in sophistication and frequency, according to the new Download Under the Radar: The Future of Undetected Malware report from the company.
The problem is that victims do not realise they are under attack, until it is too late, Malwarebytes said.
ASEAN as a target
 |
| Source: Symantec. Thompson. |
Malwarebytes has found that the ASEAN region is seeing more exploit kit activity than any other part of the world right now, as so many users in ASEAN countries use outdated operating systems and browsers that make them vulnerable to existing exploits.
Jeff Hurmuses, Area VP and MD, Asia Pacific, Malwarebytes said, “ASEAN will remain a prime target for cyberattacks as the region becomes more closely linked through trade, capital flows and technology, making it more prone to complex cyberattacks.”
The Malwarebytes report found that the Emotet banking Trojan, Sorebrect ransomware, SamSam and TrickBot represent the future of attacks. If Sorebrect had been distributed through an exploit kit, the victim would likely have no idea they were infected until it was far too late and it would require almost no interaction by the victim, other than visiting a website, the company said.
Nearly 60,000 instances of Emotet were detected in the Philippines by Malwarebytes, while there are significant Sorebrect infections in Indonesia, Thailand and the Philippines.
No comments:
Post a Comment