MoD to save taxpayer up to £1 billion in a new con... » The MoD has agreed a contract to update and sustain the UK’s military air traffic management which i... Lieberman Software Privilege Management Solution... » London, UK: Lieberman Software Corporation’s privilege management product, Enterprise Random Passwor... Morocco to help United Arab Emirate to combat ter... » Washington, DC: Moroccan Minister of Foreign Affairs Salaheddine Mezouar has said Morocco will provi... "Use cameras only as necessary and proportionate r... » In view of the recent warning from the Information Commissioner’s Office (ICO), it appears the days ... Creeks in Goodluck Jonathan's Niger Delta havens f... » Ogbuefi Jonathan...Nigeria's multi-billionaire President whose little corner stinks to high hea... Leadinng forensic anthropologist receives prestigi... » Vigilance can report that leading forensic anthropologist Dr Tim Thompson has been presented with ... British soldiers make last journey home after 13 ... » Can these Afghan soldiers be entrusted with the defence of democracy and their country for long? Tim... Empello’s new guardian technology protects against... » London: Empello has announced a major leap forward in its ad monitoring capabilities. The new ‘Guar... Bash Bug laughs in the face of traditional passwor... » Utrecht/Frankfurt/London: The ease with which hackers can steal sensitive login details from compani... Encap Security incorporates convenience of Apple... » Oslo & Palo Alto: Encap Security, the first in-app authentication solution to arm banks, retailers a...

CLICK HERE TO

Advertise with Vigilance

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.

READ MORE

Subscribe to Vigilance Weekly

Cyber-crime and malware attacks will increase during 2014 as criminals capitalise on recent successes and continue to use technology for illicit gain

AppRiver, the cloud-based email and Web security specialist has released its threat forecast for 2014 warning that many of the security headlines of 2013 are just the precursor of things to come. It predicts that, having proved lucrative, many criminals will continue to invest time and effort infecting devices and holding data to ransom; there will be devastating repercussions following Adobe’s ColdFusion and Acrobat source code liberation, mobile malware will continue to spread and everyone’s liberty is at risk from state-sponsored attacks.

 

Jon French from AppRiver explains, “Thanks to the media hype and the sheer effectiveness of malware such as Citadel and CryptoLocker in 2013, we should expect to see a continued if not an increased use of Ransomware well into 2014. The only thing that would possibly hinder the appearances of more Ransomware on the horizon would be the capture of the CryptoLocker group by authorities. Another cause for concern is Adobe’s recent breach. Obviously there are immediate repercussions for the individuals whose credentials have been stolen, but this is just the tip of this devastating iceberg. In a case of stolen software or source code there is also a large risk of a hacker knowing the ins and outs of the software thereby allowing them to write malicious code aimed at weaknesses they find. With the source code at their power, it’s a fair assumption that we’ll be seeing these exploits come to light in 2014.”

Speaking specifically of the highly publicised increased frequency of state-sponsored attacks and cyber-espionage French continues, “Every day, critical infrastructure and organisation entities face state-sponsored cyber attack. Far less common is for nation states to admit being behind them, but that doesn’t mean we’re naive enough to believe it’s not happening. As more countries become equipped, empowered and emboldened to orchestrate these attacks we can only expect the frequency and severity to increase.”

Before his untimely passing earlier this year, Barnaby Jack warned that hackers could potentially take control of medical devices with deadly intent. While AppRiver does not predict an epidemic of pacemaker murders – though it does not deny the possibility, it is concerned that hackers who enjoy ‘pranking’ will target the ever increasing diverse array of devices connected to the Internet, such as Internet-controlled thermostats, causing at best inconvenience and potentially financial implications.

There are precautions users can take to avoid becoming the next victim of cybercrime. Anti-virus software, user education and implementing sound security practices can help mitigate online threats. But as French warns, “Security must always be at the forefront of people’s minds. In a situation where users are not confronted with viruses every day, they may not think anything of opening an email file that looks like a pdf but actually turns out to be a virus. In fact, many people do not even realise they opened a virus until much later. For example, Cryptolocker notifies its victims about the security breach only after it has encrypted everything on the victim’s computer. Educating individuals to spot phishy emails and recognise file extensions can mean the difference between a clean computer and a malicious one.”

To thwart off a network attack, it is important to install the correct software and hardware – network firewall, VPN, IPS, and password policies to name a few. And just like user security training, it’s important for IT administrators to keep all software up to date. As French explains, “Exploits are discovered in software all the time and are usually published. The provider will push out updates or patches to fix the security holes as they arise, but having out-of-date software or signatures leaves a network open to known issues any attacker can take advantage of. That’s why it is critical to update software or firmware running on a home or business network.” Keeping track of security layers and ensuring that they remain up to date can protect against future IT threats.