An IT security product firm has compiled a summary of the cybercrime trends and predictions for 2015. These will be further detailed in ESET’s Cybercrime Trends & Predictions 2015 report coming soon on WeLiveSecurity.com. While last year’s focus was on internet privacy and Android malware, new areas of risks are coming to the top in 2015, says ESET.
Targeted attacks will continue to become more sophisticated in 2015, the product firm suggests. Often referred to as Advanced Persistent Threats (APT), they differentiate from traditional cyber attacks. Designed to target specific victim and be silent, targeted attacks often can lurk undetected on less secure networks. Pablo Ramos, Head of Research Lab ESET Latin America, said: “The attack vector for targeted attacks most commonly takes advantage of social engineering attacks. This is where psychological manipulation is used to encourage potential victims into performing actions or divulging confidential information. Attacks also take the form of zero-day exploits, where attacks exploit newly discovered vulnerability on a particular operating system or application.”
During 2014, ESET’s We Live Security blog featured a number of targeted attacks, such as BlackEnergy campaign, and the Operation Windigo.
“As users begin to adopt online payment systems as a means to pay for services and goods, these systems become more attractive to malware authors interested in financial gain,” added Ramos.
The year 2014 saw the largest known digital payment attack to date, with a hacker reportedly harvesting more than $600,000 USD in Bitcoins and Dogecoins by using a network of infected machines.
ESET reported about attacks against the Dogevault site in May, where users of the popular online wallet reported unauthorised withdrawals from their accounts before the site was forced to go offline when attackers destroyed site data. An estimated value of $56,000 USD was stolen from Dogevault online wallet users.
Brute-force attacks, such as Win32/BrutPOS
As new devices connect to the internet and store more data, they also become an attractive attack vector for cybercriminals. During 2014, we have seen more evidence of this growing trend, like attacks on cars shown on Defcon conference using the ECU devices, or the Tesla car that was hacked to open doors while in motion. Attacks and proof of concepts were also shown on several SMART TVs, Boxee TV devices, biometric systems on smartphones, routers – and Google glasses.
Camilo Gutierrez, Senior Security Researcher at ESET Latin America, said: “This is an emerging space for cybercrime and should remain an area of focus for security industry. While it may take years to become a serious prevalent threat, we must act now to better prevent these types of attacks.” The full report will be soon available on WeLiveSecurity.com. In the interim, you can read more on the WeLiveSecurity.com blog.
