A recent study has revealed that in addition to cybercriminals using a range of new techniques to attack corporate computers, well over half of them were hit with one attempted malware infection during 2015.
Cyberattack tools used against businesses in 2015 were different to those used against consumers, according to Kaspersky Lab’s review of corporate threats last year. They included greater exploitation of legitimate software programmes and malware being signed with valid digital signatures to keep malicious files hidden for longer. Kaspersky Lab’s experts also observed a steady rise in the number of corporate users attacked by ransomware.
Kaspersky Lab’s experts found that in 2015 well over half (58%) of corporate PCs were hit with at least one attempted malware infection, up three percentage points on 2014. One in three (29%) business computers were exposed at least once to an Internet-based attack; with the exploitation of standard office applications seen three times as often as in consumer attacks.
Further, 41% of business computers faced local threats, such as from infected USB sticks or other compromised removable media. The experts also noted a 7% increase in the share of exploits targeting the Android platform, confirming hackers’ growing interest in data stored on employees’ mobile devices.
These attacks were found to be carefully planned, with cyber-attackers taking time to investigate a target company’s contacts and suppliers and even the personal interests and browsing habits of individual employees. This insight was then used to identify legitimate websites for compromise and malware distribution, with the attacks often repeated over time.
“The future cyber-landscape for business includes a new attack vector: infrastructure, because almost all of an organisation’s valuable data is stored on servers in data centers. We also expect tougher safety standards from regulators, which could lead to more cybercriminals being arrested in 2016,” says Yury Namestnikov, Senior Security Researcher at Global Research and Analysis Team, Kaspersky Lab.
In 2015, cyber-criminals and advanced persistent threats (APT) groups focused a great deal of attention on financial services organisations, such as banks, investment funds, and both stock and currency exchanges, including those handling cryptocurrencies.
These attacks included Carbanak, which penetrated the networks of banks, seeking out critical systems that would allow it to withdraw money. One successful attack alone would bring in as much as $2.5 – $10 million dollars. The cyber-espionage group, Wild Neutron also spent much of 2015 hunting down investment companies as well as organisations working with the cryptocurrency Bitcoin and companies involved in mergers and acquisitions.
Kaspersky Lab’s experts observed a growing diversification in attack targets. For example, in 2015, the Chinese APT, Winnti APT switched targets from companies involved in computer games to those in pharmaceuticals and telecommunications.
Stealing at point of sale
Point-Of-Sale terminals, used by retailers and other consumer-facing organisations were another target for attack in 2015, with Kaspersky Lab products blocking more than 11,500 attempts to hack into PoS devices. The company knows of ten families of programmes designed to steal data from PoS terminals, and seven of them appeared for the first time this year.
The rise and rise of ransomware
2015 also saw a doubling of the number of cryptolocker attacks, with Kaspersky Lab detecting cryptolockers on more than 50 thousand corporate machines. This could reflect the fact that ransoms received from organisations can be far larger than those received from individuals. There is also a greater likelihood of the ransom being paid. Many companies simply cannot function if the information on several critical computers or servers is encrypted and inaccessible.
Kaspersky Lab recommends that companies take steps to reduce risk and to increase their knowledge of the latest threats. The basic principles of security in corporate networks remain the same: train employees, establish robust security processes and make full use of new technologies and techniques as each additional layer of protection reduces the risk of network penetration. To eliminate the threat of ransomware infection, companies should use protection against exploits and ensure that their security solutions include behavioural detection methods, such as Kaspersky Lab’s System Watcher.
Low-cost wireless sport earphones get a kickstart
Wireless earphone brands are common, but not crowdfunded brands. BRYAN TURNER takes the K Sport Wireless for a run.
As wireless technology becomes better, Bluetooth earphones have become popular in the consumer market. KuaiFit aspires to make them even more accessible to more people through a cheaper, quality product, by selling the K Sport Wireless Earphones directly from its Kickstarter page
KuaiFit has an app by the same name which offers voice-guided personal training services in almost every type of exercise, from cardio to weight-lifting. A vast range of connectivity to third-party sensors is available, like heart rate sensors and GPS devices, which work well with guided coaching.
The app starts off with selecting a fitness level: beginner, intermediate and advanced. Thereafter, one has the ability to connect with real personal trainers via a subscription to its paid service. The subscription comes free for 6 months with the earphones, and R30 per month thereafter.
The box includes a manual, a USB to two USB Type B connectors, different sized soft plastic eartips and the two earphone units. Each earphone is wireless and connects to the other independently of wires. This puts the K Sport Wireless in the realm of the Apple Earpods in terms of connection style.
The earphones are just over 2cm wide and 2cm high. The set is black with a light blue KuaiFit logo on the earphone’s button.
The button functions as an on/off switch when long-pressed and a play/pause button when quick-pressed. The dual-button set-up is convenient in everyday use, allowing for playback control depending on which hand is free. Two connectivity modes are available, single earphone mode or dual earphone mode. The dual earphone mode intelligently connects the second earphone and syncs stereo audio a few seconds after powering on.
In terms of connectivity, the earphones are Bluetooth 4.1 with a massive 10-meter range, provided there are no obstacles between the device and the earphones. While it’s not Bluetooth 5, it still falls into the Bluetooth Low Energy connection category, meaning that the smartphone’s battery won’t be drastically affected by a consistent connection to the earphones. The batteries within the earphones aren’t specifically listed but last anywhere between 3 and 6 hours, depending on the mode.
Audio quality is surprisingly good for earphones at this price point. The headset style is restricted to in-ear due to its small design and probable usage in movement-intensive activities. As a result, one has to be very careful how one puts these earphones, in because bass has the potential of getting reduced from an incorrect in-ear placement. In-ear earphones are usually notorious for ear discomfort and suction pain after extended usage. These earphones are one of the very few in this price range that are comfortable and don’t cause discomfort. The good quality of the soft plastic ear tip is definitely a factor in the high level of comfort of the in-ear earphone experience.
Overall, the K Sport Wireless earphones are great considering the sound quality and the low price: US$30 on Kickstarter.
Find them on Kickstarter here.
Taxify enters Google Maps
A recent update to Taxify now uses Google Maps which allows users to identify their drivers, find public transport and search for billing options.
People planning their travel routes using Google Maps will now see a Taxify icon in the app, in addition to the familiar car, public transport, walking and billing options.
Taxify started operating in South Africa in 2016 and as of October 2018 operates in seven South African cities – Johannesburg, Ekurhuleni, Tshwane, Cape Town, Durban, Port Elizabeth and Polokwane.
Once riders have searched for their destination and asked the app for directions, Google Maps shares the proximity of cars on the Taxify platform, as well as an estimated fare for the trip.
If users see that taking the Taxify option is their best bet, they can simply tap on the ‘Open app’ icon, to complete the process of booking the ride. Customers without the app on their device will be prompted to install Taxify first.
This integration makes it possible for users to evaluate which of the private, public or e-hailing modes of transport are most time-efficient and cost-effective.
“This integration with Google Maps makes it so much easier for users to choose the best way to move around their city,” says Gareth Taylor, Taxify’s country manager for South Africa. “They’ll have quick comparisons between estimated arrival times for the different modes of transport, as well as fares they can expect to pay, which will help save both time and money,” he added.
Taxify rides in Google Maps are rolling out globally today and will be available in more than 15 countries, with South Africa being one of the first countries to benefit from this convenient service.