Servers for sale, global botnets and a strong focus on mobile

Kaspersky Lab’s Threat Review for 2016

Kuwait Times - TECHNOLOGY

In 2016, the world’s biggest cyberthreats were related to money, information and a desire to disrupt. They included the underground trade of tens of thousands of compromised server credentials, hijacked ATM systems, ransomware and mobile banking malware - as well as targeted cyberespionage attacks and the hacking and dumping of sensitive data. These trends, their impact and the supporting data are covered in the annual Kaspersky Security Bulletin Review and Statistics reports, published today.

In 2016 Kaspersky Lab research also discovered the extent to which companies struggle to quickly spot a security incident: 28.7% said it took them several days to discover such an event, while 19% admitted it took weeks or more. For a small but significant minority of 7.1%, it took months. Among those that struggled most, eventual discovery often came about through an external or internal security audit, or an alert from a third party, such as a client or a customer. Further details on how a delay in detection impacts business recovery costs can be found in the Executive Summary of the review.

Other things we learned in 2016:

1. That the underground economy is bigger and more sophisticated than ever: Just look at xDedic - the shady marketplace for more than 70,000 hacked server credentials that allowed anyone to buy access to a hacked server, for example one located in an EU country’s government network, for as little as $6.

2. That the biggest financial heist did not involve a stock exchange as expected: instead it used SWIFT-enabled transfers to steal $100 million.

3. That critical infrastructure is worryingly vulnerable on many fronts: as revealed at the end of 2015 and into 2016 by the BlackEnergy cyberattack on the Ukrainian energy sector that included disabling the power grid, wiping data and launching a DDoS attack. In 2016 Kaspersky Lab experts investigated industrial control threats and discovered thousands of hosts around the world exposed to the Internet, with 91.1 percent carrying vulnerabilities that can be exploited remotely.

4. That a targeted attack can have no pattern: shown by the Project Sauron APT, an advanced, modular cyberespionage group that customized its tools for each target, reducing their value as Indicators of Compromise (IoCs) for any other victim.

5. That the online release of vast volumes of data can directly influence what people think and believe: as evidenced by the Shadow Brokers and other personal and political data dumps.

6. That a camera or DVD player could become part of a global Internet-of-things cyber-army: as the year ends it is clear that the Mirai-powered botnet attacks are only the beginning.

“The number and range of cyberattacks and their victims seen in 2016 has put the subject of better detection at the top of the business agenda. Detection is now a complex process that requires security intelligence, a deep knowledge of the threat landscape, and the skills to apply that expertise to each individual organization. Our analysis of cyberthreats over the years has revealed both patterns and unique approaches. This accumulated understanding underpins our active defense tools, as we believe protection technologies should be powered by security intelligence. It also sits at the heart of our growing number of partnerships and collaborations. We use the past to prepare for the future, so that we can continue to protect our customers from undetected threats, before they do any harm,” said David Emm, Principal Security Researcher, Kaspersky Lab.

An overview of intelligence-based security protection can be found here.

The notable statistics for the year include:

36 percent of online banking attacks now target Android devices, up from just 8 percent in 2015.

262 million URLs were recognized as malicious by Kaspersky Lab products, and there were 758 million malicious online attacks launched across the world - with one in three (29 percent) originating in the US and 17 percent in the Netherlands.
