Security 2015: Targeted attacks to become more widespread
5 November 2014 | 0
Trend Micro has released its 2015 IT security report, entitled “Security Predictions for 2015 and Beyond: The Invisible Becomes Visible”, in which it predicts that targeted attacks “will become as prevalent as cybercrime”, mobile payments will attract new threats, and open source applications will be targeted for vulnerabilities, along with the Android mobile operating system (OS).
“The payment ecosystem will continue to evolve,” said Robert McArdle, advanced threat research manager, Trend Micro EMEA. “There will be some large transformation in the years ahead and we expect to see threat actors trying to manipulate technologies such as Near Field Communications (NFC), Apple Pay, Google iWallet as these platforms gain momentum due to their significant following and user’s penchant for adopting the latest and greatest technology.”
Seven key trends were listed in the report.
Trend predicts that cybercriminals will increasingly turn to dark nets, such as the Tor network, and exclusive-access forums to share and sell crimeware. This is software and applications specifically crafted to perpetrate certain cybercrimes, such as distributed denial of service attacks (DDoS).
A direct consequence of this will be a proliferation of better tools to allow more cybercriminals to run schemes and attacks, resulting in “better, bigger, and more successful hacking tools and attempts”, the report warns.
The Android mobile OS will be an increasing target too, as mobile vulnerabilities play a bigger role in device infection, the report asserts.
Targeted attacks will become as prevalent as cybercrime, says Trend, again facilitated by the prevalence and ease of use of specific tools and applications to facilitate attacks.
Mobile payments were also singled out, no doubt due to the renewed focus as Apple launches its Pay service, and others in the market scramble to take advantage of the renewed momentum in the market. The report said that new threats will emerge as cybercriminals seek to target increasing users and volumes of traffic.
Open source applications will be targeted to exploit vulnerabilities too.
Internet of Things
There has been much criticism of manufacturers and vendors whose devices come under the heading of the Internet of Things, as insecure and badly designed products can pose a threat to users. Trend says that technological diversity will save Internet of Everything devices from mass attacks, but also warns that the same will not be true for the data they process.
The report also suggest that more severe online banking and other financially motivated threats will surface. The report says that the threats around banking will continue to become more severe as more unique cybercrime attacks against financial institutions also emerge and financial and banking intuitions must implement two-factor authentication for online services.
According to the report, targeted attack campaigns will continue to grow in 2015, as Trend Micro’s threat defence experts predict a rise in activity from hackers within countries such as Vietnam, UK, and India. There will also be attacks against non-traditional countries, such as those seen recently against Malaysia and Indonesia based organisations.
“What we are seeing today in terms of targeted attacks is not a huge surprise but the frequency of such attacks is definitely on the rise,” said McArdle. “One could say we are in a golden age for hacking, with some much of our personal and corporate data connected to the internet — all only a single mistake away from being in the hands of a criminal.”
“Following the success of targeted attacks from Chinese and Russian cybercriminals, many hackers from other countries will regard cyber-attacks as a more practical method to grab a foothold in an organisation, and will yield large cash sums and theft of data. Additionally, with the constant barrage of data breaches emerging almost weekly, it’s reasonable to presume that data breaches will be essentially regarded as a common offshoot of the present threat landscape,” said McArdle.
The Security Predictions for 2015 predicts a continued increase in the exploitation of smart devices such as smart cameras, appliances and TV’s as cybercriminals become more aggressive at targeting these platforms as well as the organisations who manage the data.
As factors such as market pressures push device manufacturers to launch more and more smart devices to meet the rising demand, so attackers will increasingly find vulnerabilities to exploit for their own gain, the report warns.
“Smart homes and home automation will continue to proliferate across the globe, further increasing all of our attack surfaces. As such, smart device manufactures must consider how to secure the data that resides in these devices not just the devices themselves” said McArdle.
The report is available here for download.