The new face of cyber fear

Cyberthreats are borderless and guiltless, yet many South Africans believes that they will never be a cybercrime victim. GREGORY ANDERSON believes that even though we are not the most targeted victims, we should keep vigilant and points out what we should keep an eye out for.

Trend Micro’s Q3 report released towards the end of 2014 focused on highlighting the growing threat landscape in cyberspace and the loopholes in overlooked targets that were seen in the third quarter. Shellshock and Netis, exploit kits and malicious plug-ins, attacks targeting users’ money and mobile vulnerabilities were pin pointed as areas of concern.

The “it’ll never happen to me” attitude that so many South Africans have is perhaps, a sign that we think we are off the grid when it comes to cybercrime. But just because we are not the most targeted victims doesn’t mean that we should allow ourselves to remain ignorant. As the threat landscape grows, cybercrime is becoming more worrying for everyone. It’s borderless, it’s guiltless and 2015 is set to see it grow, so here are the things that should at the top of your cyber-worries list in this year.

Vulnerabilities that start out innocent

Shellshock. No one saw it coming and that was probably because it was not considered an attack surface prior to its discovery. Our researchers saw multiple attempts to exploit this vulnerability in various countries soon after it was discovered though. Worrying? Most certainly, because having gone unnoticed for years, Shellshock may be the first example of a number of vulnerabilities in Bash or in applications that were previously thought safe.

Shellshock will continue to affect thousands of users in the near and long term. Cybercriminals have already discovered that attacks can be carried out via HTTP, FTP, DHCP, CUPS and continue to uncover additional avenues. There is a large possibility that we will see other vulnerabilities as big as this one in the future and exposure via the Web will continue due to poor patching cycles and lack of awareness.

Exploit Kits and malicious plug-ins

Exploit Kits are growing in popularity by the day, especially with cybercriminals that want to make a quick buck. These are primarily used to create Web threats that deliver malicious payloads onto victim’s computers and are sold in underground communities. Last year saw multiple exploit kit families discontinued, revived and then reengineered. What this points to is that abused platforms will continue to be browsers.

The WordPress plugin is also worth noting. It led to the compromise of the Gizmodo Brazilian regional site along with two different news websites. Users unknowingly downloaded backdoor onto their machines, leaving around 7000 users affected in just two hours.

Hold onto your money

In 2014 one of the largest retail companies in the US disclosed that approximately 40 million consumer credit and debit card information were compromised as a result of a breach of its systems. Closer to home we saw the collapse of banks in the financial sector and customers panicked as they could not access their funds.

Card cloning and online security breaches are also growing locally and the Q3 report has highlighted that attacks that go straight for users’ money are on the rise. So batten down the hatches because in 2015 PoS RAM Scraper Malware, ransomware that forces users to pay money to regain their files and online banking malware are just a few threats that will be bee-lining for your cash.

Mobile threats

The third quarter (2014) once again, saw critical vulnerabilities in Android. For one, the FakeID vulnerability allows apps to impersonate legitimate ones and the Same Origin Policy bypass vulnerability opens up Android’s default browser to serious risks, like the fact that attackers could gather data from users who input information on legitimate websites. The list of threats to mobile devices is set to swell in 2015.

It also showed that iOS devices are not safe from the threats that plague Android. Trend Micro found IOS_APPBUYER.A on jailbroken iOS devices, a malware that hooks network APIs to steal users’ Apple IDs and passwords. Cybercriminals will continue to attempt to swim the mote to the iOS castle in 2015. The New Year will see more and more mobile vulnerabilities being discovered, but Google has made enhancements in releasing patches and hotfixes and mobile manufacturers are scrambling to protect users.

Prioritize your security

Security of personal and business data should be first priority at the start of this New Year and is going to require the education of individuals around new vulnerabilities that are emerging in the threat landscape. A cybercriminal’s strategy is all about precision and adaptation and in 2015 as cyberthieves adapt their strategies, traditional security measures will be less useful in fending them off.

The IT security industry will have to develop original measures to differentiate unusual and suspicious events from low risk events and use correlated threat intelligence to successfully identify and thwart targeted attacks. The message is clear: cybercriminals are getting more sophisticated and this in turn means that security measures need to be bolstered in order to rise to the challenge of protecting the unsuspecting user.

* Gregory Anderson, country manager, Trend Micro South Africa

* Follow Gadget on Twitter on @GadgetZA