![]() During this year we have seen some evidence of this emerging trend, like attacks on cars shown at Defcon conference using ECU devices or the Tesla car that was hacked to open doors while in motion, as discovered by Nitesh Dhanjani. The Internet of Things trend will surely create an interest for cyber criminals. There is no reason to think that new devices that are going to be connected to the Internet, storing more data on them and being useful for users, are not going to be a target for cybercrime. It is interesting to note that since the BlackPOS source code was leaked in 2012, it will probably facilitate the creation of new variants of this threat that will increase over the next few years. There are other malware families for POS like JacksPos or Dexter, which could be the responsible ones for big attacks on Target wherein 40 million cards' data was stolen or Home Depot where 56 million cards were leaked after more than 5 months of the attack that started in April and was not discovered until almost September, when the company announces the leak. In mid-2014 ESET published a blog post on We Live Security about the worm Win32/BrutPOS that tries to brute-force its way into PoS machines by trying a variety of (overused) passwords in order to log in via Remote Desktop Protocol (RDP). On the other hand, point of sale systems are still a current technology and malware authors are well aware of that. At this point, it is already obvious that cybercriminals will continue putting efforts into payment systems the more money circulates on the web. In parallel with the growing use of online payment systems, the cybercrime interest on attacking them grows too. ![]() In December of 2014, in a panel discussion at Georgetown Law’s called “Cybercrime 2020: The Future of Online Crime and Investigations” it was mentioned that “ransomware is the future of consumer cybercrime”. During 2014, we saw big companies like Yahoo, Match or AOL get hit by ransomware and ESET researchers also published Android/Simplocker analysis, the first Android File-Encrypting TOR-enabled Ransomware. Ransomware will be a key point for malware developers and it will be a more relevant threat in the following years. These stats are based only on well-known public attacks, so it is reasonable to think that the statistics showing a growing trend is real the amount, however, should be bigger, taking into account attacks that never reach the public space because of confidentiality reasons. In this context, it is important to notice that the attack vectors are predominantly Social Engineering Attacks or zero-day exploits.Īccording to APTnotes repository- a site that collects APT attacks from various publicly-available documents and notes, sorted by year- these kinds of attacks have grown over the past several years from 3 identified attacks in 2008 to 75 known attacks in 2014 and probably many others as yet undiscovered. Secondly, these kinds of attacks try to stay unnoticed for longer periods of time. In most of these attacks, there is a specific target, as opposed to traditional attacks that use any available corporate targets for their purposes. Most commonly known as Advanced Persistent Threats (APTs), their main differences with traditional cyber-attacks are target selection, duration of attack and stealth. If there is one lesson IT security researchers have learned in recent years, it is that targeted attacks are an increasing trend. Based on extensive research conducted through 2014 and the analysis of global and regional cyber trends, the company has now put together its predictions for the top IT security trends that will dominate headlines in 2015. At the start of the year, ESET, the global leader in proactive digital protection, correctly laid emphasis on internet privacy, new assaults on the Android operating system and the new wave of high-tech malware in its predictions for the main threats that business and home users would face. 2014 was a big year for the cyber security industry with shocking revelations emerging of data breaches of immense scale conducted against some of the largest and most prestigious global organizations.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |