The Co-operative Group selects Eckoh to strengthen... » Eckoh has announced it has been selected by The Co-operative Group to provide its secure payment sol... Indyme gets ready for its first UK award » Customer engagement and loss prevention specialist nominated for two Retail Fraud awards Indyme, a ... ESET joins European Cyber Security Month to rais... » London, UK: ESET is once again helping to raise awareness about cyber threats during the annual Euro... Cubic Global Defense to deliver secure and reali... » SAN DIEGO: Cubic Global Defense (CGD) has announced the award of a multi-year contract by the Air Fo... First SANS Cyber Academy graduates prepare to en... » Unique recruitment programme to provide employers with a risk free route to recruiting the ideal can... More visitors than ever at The Emergency Services ... » The Emergency Services Show held at the NEC in Birmingham on 23 and 24 September attracted a record ... Italtel renews network products and enters Intel N... » Milan, Italy: Italtel has announced it has joined the Intel® Network Builders program as part of an ... New DCA Certification awarded to Datum FRN1 Data C... » FARNBOROUGH: Datum Datacentres, the Farnborough based provider of ultra secure, high resilience co-l... RoSPA and British Safety Council back DHF's Gate... » The growing campaign to confine powered gate accidents to the history books has received a significa... NICE Security wins ASIS Accolades 2015 for Object ... » Qognify, formerly NICE Security, has been awarded an ASIS Accolades Security's Best Award for Object...


Advertise with Vigilance

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.


Subscribe to Vigilance Weekly

Cyber-crime and malware attacks will increase during 2014 as criminals capitalise on recent successes and continue to use technology for illicit gain

AppRiver, the cloud-based email and Web security specialist has released its threat forecast for 2014 warning that many of the security headlines of 2013 are just the precursor of things to come. It predicts that, having proved lucrative, many criminals will continue to invest time and effort infecting devices and holding data to ransom; there will be devastating repercussions following Adobe’s ColdFusion and Acrobat source code liberation, mobile malware will continue to spread and everyone’s liberty is at risk from state-sponsored attacks.


Jon French from AppRiver explains, “Thanks to the media hype and the sheer effectiveness of malware such as Citadel and CryptoLocker in 2013, we should expect to see a continued if not an increased use of Ransomware well into 2014. The only thing that would possibly hinder the appearances of more Ransomware on the horizon would be the capture of the CryptoLocker group by authorities. Another cause for concern is Adobe’s recent breach. Obviously there are immediate repercussions for the individuals whose credentials have been stolen, but this is just the tip of this devastating iceberg. In a case of stolen software or source code there is also a large risk of a hacker knowing the ins and outs of the software thereby allowing them to write malicious code aimed at weaknesses they find. With the source code at their power, it’s a fair assumption that we’ll be seeing these exploits come to light in 2014.”

Speaking specifically of the highly publicised increased frequency of state-sponsored attacks and cyber-espionage French continues, “Every day, critical infrastructure and organisation entities face state-sponsored cyber attack. Far less common is for nation states to admit being behind them, but that doesn’t mean we’re naive enough to believe it’s not happening. As more countries become equipped, empowered and emboldened to orchestrate these attacks we can only expect the frequency and severity to increase.”

Before his untimely passing earlier this year, Barnaby Jack warned that hackers could potentially take control of medical devices with deadly intent. While AppRiver does not predict an epidemic of pacemaker murders – though it does not deny the possibility, it is concerned that hackers who enjoy ‘pranking’ will target the ever increasing diverse array of devices connected to the Internet, such as Internet-controlled thermostats, causing at best inconvenience and potentially financial implications.

There are precautions users can take to avoid becoming the next victim of cybercrime. Anti-virus software, user education and implementing sound security practices can help mitigate online threats. But as French warns, “Security must always be at the forefront of people’s minds. In a situation where users are not confronted with viruses every day, they may not think anything of opening an email file that looks like a pdf but actually turns out to be a virus. In fact, many people do not even realise they opened a virus until much later. For example, Cryptolocker notifies its victims about the security breach only after it has encrypted everything on the victim’s computer. Educating individuals to spot phishy emails and recognise file extensions can mean the difference between a clean computer and a malicious one.”

To thwart off a network attack, it is important to install the correct software and hardware – network firewall, VPN, IPS, and password policies to name a few. And just like user security training, it’s important for IT administrators to keep all software up to date. As French explains, “Exploits are discovered in software all the time and are usually published. The provider will push out updates or patches to fix the security holes as they arise, but having out-of-date software or signatures leaves a network open to known issues any attacker can take advantage of. That’s why it is critical to update software or firmware running on a home or business network.” Keeping track of security layers and ensuring that they remain up to date can protect against future IT threats.