Digital extortion a growing danger
CYBERATTACKERS ARE INFILTRATING NETWORKS AND HIJACKING INFRASTRUCTURE OF MAJOR CORPORATIONS AND USING IT AGAINST THEM
Cyber security has always been a headache not only for the consumers but also for the enterprises and it will always continue to be. In today’s hyper-connected world it is no longer a question of whether you will be attacked — but when?
It is evolving into one of the most “serious economic and national security” challenges as attackers persist and evolve.
Hassam Sidani, regional manager for Symantec Gulf, said that cyberattackers are infiltrating networks and evading detection by hijacking the infrastructure of major corporations and using it against them.
“We’re seeing attackers trick companies into infecting themselves by Trojanizing software updates to common programs and patiently waiting for their targets to download them — giving attackers unfettered access to the corporate network,” he said.
Attackers are using stolen email accounts from one corporate victim to spear-phish other victims higher up the food chain; taking advantage of companies’ management tools and procedures to move stolen IP around the corporate network before exfiltration; building custom attack software inside the network of their victims to further disguise their activities.
According to Symantec’s latest internet Security Threat Report, the UAE’s security threat profile has improved from a world rank of 47 in 2013 to 49 in 2014.
The shift indicates a lower number of source-based security threats, including malicious code, spam, phishing hosts and bots.
However, Symantec has observed a significant rise in the number of targeted attacks against the UAE, increasing from less than one per cent of global totals in 2013 to almost five per cent in 2014.
The US still remains at the top-ranked country globally, followed by China and India.
“Attackers don’t need to break down the door to a company’s network when the keys are readily available,” he said.
Rise in attacks
There is an increase in the number of targeted attacks in 2014. There were 24 zero-day vulnerabilities discovered last year. The really shocking thing is that, he said, adding that it took 59 days for companies to patch the vulnerability compared to 2013’s four days.
“It gives attackers plenty of time to exploit the vulnerability in software or an application while Ransomware has increased by 113 per cent and 17 per cent of all Android apps or one million apps in Google Play Store found to have a malware inside,” he said.
Ransomware is a kind of virus that demands a ransom or compensation from the victim by locking his device, holding his data or by making it difficult for the victim to find a solution to remove a virus installed on his device.
The report said that the UAE’s ranking for network attacks shifted from 53 in 2013 to 48 in 2014 and web attacks shifted from 60 in 2013 to 50 in 2014. As compared against the security threat profiles of the top 10 countries analysed in Middle East and Africa, the UAE remained unchanged from 2013 with a ranking of seven.
Similar to 2013, the top industry that received spear phishing emails in the UAE was finance, insurance and real estate (40 per cent of all incoming emails were targeted attacks), and the smallest organisations sized 1-250 experienced the highest volumes at almost 89 per cent.
He said that advanced attackers continued to breach networks with highly-targeted spear-phishing attacks, which increased a total of eight per cent in 2014.
“What makes last year particularly interesting is the precision of these attacks, which used 20 per cent fewer emails to
We’re seeing attackers trick companies into infecting themselves by Trojanizing software updates to common programs and patiently waiting for their targets to download them— giving attackers unfettered access to the corporate network.” Hassam Sidani | Regional manager for Symantec Gulf
successfully reach their targets and incorporated more drive-by malware downloads and other web-based exploits,” he said.
Email remains a “significant attack vector” for cybercriminals, but they continue to experiment with new attack methods across mobile devices and social networks to reach more people, with less effort.
In the UAE, 13 per cent of mobile devices experienced an attempted or successful infection of mobile malware.
“Cybercriminals are inherently lazy; they prefer automated tools and the help of unwitting consumers to do their dirty work,” Sidani said.
“Last year, 70 per cent of global social media scams were shared manually, as attackers took advantage of people’s willingness to trust content shared by their friend. With the use of social media gaining momentum in the Middle East, Symantec’s research found the UAE had a global rank of 21 for social media scams and 36 for ransomware threats in 2014. Social media scams can provide cybercriminals with quick cash; while ransomware relies on more lucrative and aggressive attack methodology.”
“Notably, there were 45 times more victims of cryptoransomware attacks, than in 2013. Instead of pretending to be law enforcement seeking a fine for stolen content, as we’ve seen with traditional ransomware, the more vicious cryptoransomware attack style holds a victim’s files, photos and other digital content hostage without masking the attacker’s intention,” he said.