A new cybersecurity report from Trend Micro predicts that criminals will increasingly target retail and financial institutions outside the United States in 2015.
The report, Trend Micro Security Predictions for 2015 and Beyond: The Invisible Becomes Visible, anticipates a rise in targeted attacks, specifically in the Asia Pacific (APAC) region. These attacks focus on infiltrating a specific organization to obtain valuable data.
High-profile attacks in the US and China demonstrate that cybercriminals favor these targeted attacks to gather intelligence, including financial data, personal information, classified government data, and intellectual property like blueprints.
Trend Micro’s threat experts have observed attacks on organizations in Vietnam and India, and more recently in Malaysia and Indonesia, with more attacks in APAC expected. Social media will be increasingly exploited to spread infection through suspicious links and personalized messages that trick users into visiting malicious websites or downloading malware.
“Cybercriminals have become faster and more ruthless in their methods for stealing information,” says Dhanya Thakkar, Managing Director, Asia Pacific, Trend Micro. “Inspired by the success of targeted attacks by Chinese and Russian cybercriminals, many attackers from other countries will see cyberattacks as a practical way to gain access to an organization.”
Trend Micro Security Predictions for 2015 and Beyond: The Invisible Becomes Visible makes several predictions for 2015:
Targeted attacks will be as common as general cybercrime.
Security threats could involve gaining ‘command and control’ access to a system, potentially giving criminals the ability to destroy hard drives, steal data, engage in hacktivism, conduct espionage, or simply cause destruction.
David Siah, Singapore Country Manager for Trend Micro, compares network protection to a Mentos candy: hard on the outside but chewy on the inside. While companies invest in fortifying their external perimeter, internal networks often remain vulnerable. “If someone is determined to get in, they will find a way, and once inside, they can do significant damage,” he cautions.
Android devices will become a prime target.
The increasing use of mobile devices, especially Android, creates greater risks for users. As the leading mobile platform in APAC, Android’s fragmented ecosystem poses a challenge, leaving users reliant on device providers for software protection.
This fragmentation allows cybercriminals to exploit existing vulnerabilities in devices with unpatched software. Attackers can easily use tools like the notorious Blackhole Exploit Kit to target these weaknesses.
Trend Micro’s research also reveals that many companies believe they are unlikely to be targeted or that their trusted environments are secure. Their survey of APAC companies found that 35% were confident they had not been attacked, while over a quarter (26%) were unsure. The remaining respondents either suspected or knew they had experienced security breaches.
Siah.
The reality is that Singapore experienced a higher number of blocked malicious detections in Q3 2014 compared to Q2 2014. Siah reported over 7 million attempts by Singapore-based users to access malicious websites in Q3, with 611,000 attempts specifically targeting malicious URLs hosted within the country.
Siah emphasized that common malware like Conficker remains prevalent in Singapore, suggesting that users are not updating their systems or are using outdated operating systems like Windows XP that are no longer supported by Microsoft.
Exploiting known vulnerabilities, such as CVE-2012-0158 and CVE-2010-0188, continues to be a favored tactic, highlighting a lack of patching by victims. These vulnerabilities were discovered in 2012 and 2010 respectively.
Microsoft Office is targeted in 53% of attacks, followed by Adobe Reader at 46%. “We heavily rely on documents in our daily work. It’s easy to fall victim to a malicious attachment disguised as a legitimate document relevant to our work or industry,” Siah explained.
While poor user practices and the availability of free malware tools like Zeus benefit cybercriminals, simply updating systems regularly might seem like sufficient protection. However, Siah cautions that updates depend on bugs being publicly disclosed, allowing for the creation of detection signatures. This gap between vulnerability disclosure and patch availability creates a window of opportunity for cybercriminals.
Furthermore, known vulnerabilities represent only a small fraction of the threat landscape. Bugs like Shellshock can exist for decades before discovery, and malware can mutate into signatureless forms that traditional cybersecurity defenses struggle to detect. “Exploiting a vulnerability will become as easy as creating an app,” Siah warns.
While previously associated with countries like the US and Russia, targeted attacks are now a global problem. Trend Micro has identified gangs operating in Brazil and China, highlighting that cybercriminals can operate from any location with internet access.
Trend Micro’s sensors have detected attacks across APAC, including Taiwan, Japan, Indonesia, mainland China, Malaysia, the Philippines, and Bangladesh. Singapore has been a relatively minor target so far. Siah explains, “Attackers could target the subsidiary of a US company in Taiwan, for example. Once they control the Taiwan servers, they can move internally from country to country until they reach the main headquarters.”
Users should anticipate the compromise of at least one of their online accounts, whether it be a web service or online portal. The widespread use of social media in APAC, with approximately 970 million active users, makes the region a prime target. With the predicted increase in attacks, cybercriminals will have more opportunities to steal user credentials. Trend Micro urges users to prioritize password security and online safety measures.
Click here for the full report.