Targeted attack campaigns against enterprises will continue to multiply in 2015 as more ransomware variants appear, predict experts.
Hackers within countries such as Vietnam, the United Kingdom and India will pursue the use of targeted attacks to try and take down corporations, according to Trend Micro Australia and New Zealand enterprise sales director Sean Abbott.
“Following the success of targeted attacks from Chinese and Russian cyber criminals, many hackers from other countries will regard cyber attacks as a more practical method to grab a foothold in an organisation.
"With the incessant barrage of data breaches emerging almost daily, it’s reasonable to presume that data breaches will be essentially regarded as a common offshoot of the present threat landscape,” he said in a statement.
Threats around banking will continue to become more severe as unique cyber crime attacks against financial institutions emerge and banks implement two-factor authentication for online services.
“The payment ecosystem will continue to evolve. Massive transformation is upon us and we will continue to see cyber criminals trying to manipulate near field communications [NFCs] as certain platforms gain momentum due to their significant following,” said Abbott.
- Get ready for IoT, mobile cybercrime in 2015: Industry
- Cloud, privacy, big data and smart cities top HDS predictions
- Coming soon: Murder by Internet
Bitdefender's chief security strategist, Catalin Cosoi, agreed that companies have become the focus of targeted attacks.
“Attackers want to take advantage of the reputation and availability of the wide attack surface area to launch ever-growing cyber crime campaigns and extract valuable data,” he said.
Though the June 2014 takedown of the Zeus botnet temporarily stopped the spread of Cryptolocker, ransomware continues to evolve and is moving to new platforms, said Cosoi.
“Financial data remains among the most valuable and targeted information and the methods to capture it have become more elaborate.
“Behind every cyber tragedy lies a malicious piece of code designed to cause as much damage as possible – to steal identities, corporate secrets or simply to prove a point," he said.
Cosoi shared three examples of the worst malware detected in 2014.
The first is BlackPOS – point of sale malware targeting credit and debit card data swiped at POS systems running Microsoft Windows. BlackPOS has targeted customers of United States banks such as Chase, Capital One and Citibank.
“Enterprises should implement a multi-layered security solution to ensure their network is protected against vulnerabilities in systems and applications,” he said.
Another is Koler – Android Trojan which attempts to extort money out of smartphone users so they can unlock their data.
According to Cosoi, installing a mobile security solution will help protect devices from hacking, malware, viruses and unauthorised access.
The third is Cryptolocker – ransomware Trojan which uses encryption to lock computer files. It demands the user pay a ransom to decrypt the files. More than 500,000 users worldwide have been affected by Cryptolocker.
Cosoi’s advice to enterprises and consumers is to make sure their operating systems and security software are regularly updated.
Despite technology’s advances, the risk of our increasingly digital existence was “brutally apparent” during another year of the breach, said RSA executive chairman Art Coviello.
“In 2014, nation states around the world increasingly pushed the boundaries of acceptable cyber assault to control their own populaces and spy on other nation states. With no one actively working on the development of acceptable norms of digital behaviour – a digital Hague or Geneva Convention – we can expect this covert digital warfare to continue.
"However, companies in the private sector will be drawn into this war either as the intended victim or as the unwitting pawn in an attack on other companies,” he said.
As a result of retail breaches in 2014 against companies such as Target in the US, organisations who handle payment card data are strengthening their defences and shortening the window of opportunity for cyber criminals, making them a less lucrative target, Coviello said.
In 2015, cyber criminals will increasingly turn their attention to stealing another type of data that is not as well-secured – personal information held by healthcare providers.
“Unfortunately, we are likely to see another series of very public breaches before many providers improve their security to effectively deal with these threats,” he said.
Bad certificates
Venafi Australia and New Zealand regional manager Michael J. Bosch said cyber criminals misused security keys and certificates in creative ways to undermine a slew of controls ranging from authentication to data loss prevention during 2014.
“In 2015, the availability of free certificates from Let’s Encrypt and Universal SSI will make misuse even more interesting and prevalent. Forty per cent of online bank apps don’t check certificates, which leaves the door open next year to widespread man-in-the-middle attacks,” he said.
However, he said there is hope as companies such as Google are now using security certificates that last only three months.
“Heartbleed and sites like Let’s Encrypt are showing that we must question how we create trust and change keys and certificate more often,” said Bosch.
Follow Hamish Barwick on Twitter: @HamishBarwick
Follow Computerworld Australia on Twitter: @ComputerworldAU, or take part in the Computerworld conversation on LinkedIn: Computerworld Australia