Cyber Criminal Minds Working Overtime

Friday, August 21, 2015 @ 03:08 PM gHale

Attackers are finding more security gaps to abuse, whether they’re in existing public-facing technologies or in new developments in the Internet of Things, a new report said.

“In the second quarter, we saw a shift in the threat landscape with cyber criminals becoming more sophisticated and creative, amplifying existing methods of attack, and using them in new ways,” said Raimund Genes, CTO of Trend Micro, which issued the report. “This quarter demonstrated that the potential damage caused by cyber attacks extends far beyond a simple software bug to hacks of airplanes, smart cars and television stations.”

It just goes to show that if an attacker wants to get into a system, they will find a way.

Attackers are taking more strategic approaches, refining their methods and targeting victims more selectively to improve their infection rates.

This is reflected by the exponential increase in the use of several traditional attack methods, including a 50 percent increase in the integration of the Angler exploit kit, a 67 percent growth in overall exploit kit-related threats, and CryptoWall ransomware becoming highly targeted, with 79 percent of infections occurring in the U.S.

Additionally, government entities realized the full impact of cyber attacks during the second quarter, with massive data breaches at the Internal Revenue Service (IRS) in May and the U.S. Office of Personnel Management (OPM) in June.

The OPM data breach was the largest of its kind to date, exposing personally identifiable information of approximately 21 million individuals. Other government agencies were hit by targeted campaigns using macro malware, new command and control (C&C) servers, and the continued use of newly exploited vulnerabilities and 0-days in Pawn Storm.

When looking at the Q2 threat landscape as a whole, the U.S. is a major player in deploying and receiving various attacks, with malicious links, spam, C&C servers and ransomware all having a major presence.

The report found:

Disruptions to public utilities – Broadcast networks, airplanes, automated vehicular systems and home routers pose not only the risk of malware infections, but physical inconveniences and threats.

Attackers gain notoriety, and profit, via successful ransomware and PoS attacks – FighterPoS and MalumPoS deployed by solo hackers “Lordfenix” and “Frapstar,” along with Hawkeye keylogger attacks, demonstrated that single individuals are capable of making a significant impact in today’s threat marketplace.

More arrests — Interpol, Europol, the Department of Homeland Security and the FBI took down longstanding botnet operations. Additionally, the indictment of Silk Road founder Ross Ulbricht brought to light the nebulous nature and dangers of the Dark Web.

Political attacks — The attack on OPM was a stark reminder that no one’s personal data is safe. Macro malware, island-hopping and C&C servers were among the tactics used to target government data in this and similar breaches.

New attacks on public facing sites – While threats to software are always present, vulnerabilities in Web apps are just as dangerous. Attackers will leverage any vulnerability available, and custom applications need custom security attention to ensure those entry points are eliminated.