Clavister secures Mexican universities Wi-Fi netwo... » Clavister has announced a deployment of its solutions, sold in 2014 and now in operation, to provide... Lancope drives specialised threat analysis and pro... » LONDON (UK): Lancope, Inc. is already achieving significant corporate momentum in 2015 as it helps d... Ted Plumis, Vice President of World Wide Channel... » London, UK: Imperva Inc. has announced that Ted Plumis, vice president of World Wide Channels for Im... PixAlert launches integrated OCR capability to str... » PixAlert has introduced integrated, optical character recognition (OCR) capability to their portfoli... Blesma Chief Executive leads team to scale ne... » This summer, former Brigadier and Blesma Chief Executive, Barry Le Grys, will be leading a team of a... Championship teams unite in support of injured s... » Nottingham Forest and Bolton Wanderers players and fans pulled out all the stops on Saturday in supp... AdaptiveMobile launches SS7 Protection to sec... » DUBLIN & DALLAS: AdaptiveMobile has launched SS7 Protection – a new product that secures mobile oper... Portal wins 2015 IBM Beacon Award for Outstandin... » UK: Portal was named a winner of a 2015 IBM Beacon Award for Outstanding Solution for Midsize Busine... Moxa's new EDR-810 Firmware to support transpare... » Munich: Moxa has released a new firmware for the EDR-810 industrial 8+2G multiport secure router to ... Cubic receives additional $2.9 million training or... » SAN DIEGO, Calif.: Cubic Corporation has been awarded a contract modification valued at more than $2...

CLICK HERE TO

Advertise with Vigilance

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.

READ MORE

Subscribe to Vigilance Weekly

Cyber-crime and malware attacks will increase during 2014 as criminals capitalise on recent successes and continue to use technology for illicit gain

AppRiver, the cloud-based email and Web security specialist has released its threat forecast for 2014 warning that many of the security headlines of 2013 are just the precursor of things to come. It predicts that, having proved lucrative, many criminals will continue to invest time and effort infecting devices and holding data to ransom; there will be devastating repercussions following Adobe’s ColdFusion and Acrobat source code liberation, mobile malware will continue to spread and everyone’s liberty is at risk from state-sponsored attacks.

 

Jon French from AppRiver explains, “Thanks to the media hype and the sheer effectiveness of malware such as Citadel and CryptoLocker in 2013, we should expect to see a continued if not an increased use of Ransomware well into 2014. The only thing that would possibly hinder the appearances of more Ransomware on the horizon would be the capture of the CryptoLocker group by authorities. Another cause for concern is Adobe’s recent breach. Obviously there are immediate repercussions for the individuals whose credentials have been stolen, but this is just the tip of this devastating iceberg. In a case of stolen software or source code there is also a large risk of a hacker knowing the ins and outs of the software thereby allowing them to write malicious code aimed at weaknesses they find. With the source code at their power, it’s a fair assumption that we’ll be seeing these exploits come to light in 2014.”

Speaking specifically of the highly publicised increased frequency of state-sponsored attacks and cyber-espionage French continues, “Every day, critical infrastructure and organisation entities face state-sponsored cyber attack. Far less common is for nation states to admit being behind them, but that doesn’t mean we’re naive enough to believe it’s not happening. As more countries become equipped, empowered and emboldened to orchestrate these attacks we can only expect the frequency and severity to increase.”

Before his untimely passing earlier this year, Barnaby Jack warned that hackers could potentially take control of medical devices with deadly intent. While AppRiver does not predict an epidemic of pacemaker murders – though it does not deny the possibility, it is concerned that hackers who enjoy ‘pranking’ will target the ever increasing diverse array of devices connected to the Internet, such as Internet-controlled thermostats, causing at best inconvenience and potentially financial implications.

There are precautions users can take to avoid becoming the next victim of cybercrime. Anti-virus software, user education and implementing sound security practices can help mitigate online threats. But as French warns, “Security must always be at the forefront of people’s minds. In a situation where users are not confronted with viruses every day, they may not think anything of opening an email file that looks like a pdf but actually turns out to be a virus. In fact, many people do not even realise they opened a virus until much later. For example, Cryptolocker notifies its victims about the security breach only after it has encrypted everything on the victim’s computer. Educating individuals to spot phishy emails and recognise file extensions can mean the difference between a clean computer and a malicious one.”

To thwart off a network attack, it is important to install the correct software and hardware – network firewall, VPN, IPS, and password policies to name a few. And just like user security training, it’s important for IT administrators to keep all software up to date. As French explains, “Exploits are discovered in software all the time and are usually published. The provider will push out updates or patches to fix the security holes as they arise, but having out-of-date software or signatures leaves a network open to known issues any attacker can take advantage of. That’s why it is critical to update software or firmware running on a home or business network.” Keeping track of security layers and ensuring that they remain up to date can protect against future IT threats.