TOP BUSINESSES SHORTLISTED FOR INDUSTRY AWARDS » 21 leading businesses from across the engineering and electrotechnical services sector have been sho... ECA PRESIDENT OPTIMISTIC ON BUSINESS OUTLOOK AS ... » Dave Kieft, the outgoing President of the Electrical Contractors’ Association (ECA), believes there ... Armour Comms launches industry leading secure Grou... » London: In direct response to customer demand, Armour Communications has announced the availability ... TDSi Supports Education Programme at IFSEC Inter... » Poole: Integrated security manufacturer TDSi will be sponsoring the Tavcom Training Theatre at IFSEC... 'POWER PLAYERS' INITIATIVE OPENS TO ENTRIES » Leading younger people from across the engineering services sector have a new opportunity to be reco... Multitone launches comprehensive EkoCare Communi... » Multitone Electronics plc has announced the launch of its new EkoCare range for healthcare facilitie... Momentum builds as Critical Communications World d... » Critical Communications World (May 16-18, Hong Kong) is the leading and most influential congress an... New initiative shows increasing importance of CSR » A major new survey on corporate social responsibility (CSR) is now open to electrotechnical busine... OF FOOLS OF THE MIDDLE BELT, ONE NORTH AND PASTORA... » SERIES: BUHARISM AND THE FIERCE URGENCY OF NOW A treatise on pastoral jihadism, islamism, arabism a... Commvault partners with Pure Storage » Cisco Live, Melbourne, AU and Tinton Falls, NJ: Commvault has announced the integration of its Commv...

CLICK HERE TO

Advertise with Vigilance

SOCIAL BOOKMARK

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.

READ MORE

Subscribe to Vigilance Weekly

Cyber-crime and malware attacks will increase during 2014 as criminals capitalise on recent successes and continue to use technology for illicit gain

AppRiver, the cloud-based email and Web security specialist has released its threat forecast for 2014 warning that many of the security headlines of 2013 are just the precursor of things to come. It predicts that, having proved lucrative, many criminals will continue to invest time and effort infecting devices and holding data to ransom; there will be devastating repercussions following Adobe’s ColdFusion and Acrobat source code liberation, mobile malware will continue to spread and everyone’s liberty is at risk from state-sponsored attacks.

 

Jon French from AppRiver explains, “Thanks to the media hype and the sheer effectiveness of malware such as Citadel and CryptoLocker in 2013, we should expect to see a continued if not an increased use of Ransomware well into 2014. The only thing that would possibly hinder the appearances of more Ransomware on the horizon would be the capture of the CryptoLocker group by authorities. Another cause for concern is Adobe’s recent breach. Obviously there are immediate repercussions for the individuals whose credentials have been stolen, but this is just the tip of this devastating iceberg. In a case of stolen software or source code there is also a large risk of a hacker knowing the ins and outs of the software thereby allowing them to write malicious code aimed at weaknesses they find. With the source code at their power, it’s a fair assumption that we’ll be seeing these exploits come to light in 2014.”

Speaking specifically of the highly publicised increased frequency of state-sponsored attacks and cyber-espionage French continues, “Every day, critical infrastructure and organisation entities face state-sponsored cyber attack. Far less common is for nation states to admit being behind them, but that doesn’t mean we’re naive enough to believe it’s not happening. As more countries become equipped, empowered and emboldened to orchestrate these attacks we can only expect the frequency and severity to increase.”

Before his untimely passing earlier this year, Barnaby Jack warned that hackers could potentially take control of medical devices with deadly intent. While AppRiver does not predict an epidemic of pacemaker murders – though it does not deny the possibility, it is concerned that hackers who enjoy ‘pranking’ will target the ever increasing diverse array of devices connected to the Internet, such as Internet-controlled thermostats, causing at best inconvenience and potentially financial implications.

There are precautions users can take to avoid becoming the next victim of cybercrime. Anti-virus software, user education and implementing sound security practices can help mitigate online threats. But as French warns, “Security must always be at the forefront of people’s minds. In a situation where users are not confronted with viruses every day, they may not think anything of opening an email file that looks like a pdf but actually turns out to be a virus. In fact, many people do not even realise they opened a virus until much later. For example, Cryptolocker notifies its victims about the security breach only after it has encrypted everything on the victim’s computer. Educating individuals to spot phishy emails and recognise file extensions can mean the difference between a clean computer and a malicious one.”

To thwart off a network attack, it is important to install the correct software and hardware – network firewall, VPN, IPS, and password policies to name a few. And just like user security training, it’s important for IT administrators to keep all software up to date. As French explains, “Exploits are discovered in software all the time and are usually published. The provider will push out updates or patches to fix the security holes as they arise, but having out-of-date software or signatures leaves a network open to known issues any attacker can take advantage of. That’s why it is critical to update software or firmware running on a home or business network.” Keeping track of security layers and ensuring that they remain up to date can protect against future IT threats.