Balabit named Representative Vendor in Gartner Mar... » NEW YORK CITY:  Balabit has been listed as a representative vendor in Gartner’s Market Guide for Use... Aricent and Rohde, Schwarz Cybersecurity unveil a ... » REDWOOD CITY, California/ Leipzig, Germany: Aricent, Rohde & Schwarz Cybersecurity have announce... TrapX deepens deception capabilities with Deceptio... » SAN MATEO, Calif.: TrapX Security has released version 6.0 of its DeceptionGrid™ platform. Version 6... Cloud infrastructure services providers comply wit... » Brussels: The Cloud Infrastructure Services Providers in Europe (CISPE)have declared that over 30 se... Armour Comms launches first secure Voice over IP... » London: Armour Communications has announced its integration with Skype for Business. Armour Mobile i... Anam Technologies selected by Deutsche Telekom a... » DUBLIN, BONN:  Anam Technologies has gone into partnership with Deutsche Telekom International Carri... 6.7 percent of programmes on private UK PCs are en... » Maidenhead, U.K: The average private user in the UK has 72 programmes installed on their PC, and 6.7... Multitone’s EkoSecure Personal Alert System chos... » Multitone Electronics plc has announced that its German-based team, Multiton Elektronik GmbH, has su... IoT 2020: Smart and secure IoT platform » Geneva, Switzerland: The Internet of Things (IoT) significantly impacts the global economy and is ex... Letterbox company to keep properties safe with inn... » A specialist mailbox manufacturer has made a pledge to enhance the security of UK properties through...

CLICK HERE TO

Advertise with Vigilance

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.

READ MORE

Subscribe to Vigilance Weekly

Cyber-crime and malware attacks will increase during 2014 as criminals capitalise on recent successes and continue to use technology for illicit gain

AppRiver, the cloud-based email and Web security specialist has released its threat forecast for 2014 warning that many of the security headlines of 2013 are just the precursor of things to come. It predicts that, having proved lucrative, many criminals will continue to invest time and effort infecting devices and holding data to ransom; there will be devastating repercussions following Adobe’s ColdFusion and Acrobat source code liberation, mobile malware will continue to spread and everyone’s liberty is at risk from state-sponsored attacks.

 

Jon French from AppRiver explains, “Thanks to the media hype and the sheer effectiveness of malware such as Citadel and CryptoLocker in 2013, we should expect to see a continued if not an increased use of Ransomware well into 2014. The only thing that would possibly hinder the appearances of more Ransomware on the horizon would be the capture of the CryptoLocker group by authorities. Another cause for concern is Adobe’s recent breach. Obviously there are immediate repercussions for the individuals whose credentials have been stolen, but this is just the tip of this devastating iceberg. In a case of stolen software or source code there is also a large risk of a hacker knowing the ins and outs of the software thereby allowing them to write malicious code aimed at weaknesses they find. With the source code at their power, it’s a fair assumption that we’ll be seeing these exploits come to light in 2014.”

Speaking specifically of the highly publicised increased frequency of state-sponsored attacks and cyber-espionage French continues, “Every day, critical infrastructure and organisation entities face state-sponsored cyber attack. Far less common is for nation states to admit being behind them, but that doesn’t mean we’re naive enough to believe it’s not happening. As more countries become equipped, empowered and emboldened to orchestrate these attacks we can only expect the frequency and severity to increase.”

Before his untimely passing earlier this year, Barnaby Jack warned that hackers could potentially take control of medical devices with deadly intent. While AppRiver does not predict an epidemic of pacemaker murders – though it does not deny the possibility, it is concerned that hackers who enjoy ‘pranking’ will target the ever increasing diverse array of devices connected to the Internet, such as Internet-controlled thermostats, causing at best inconvenience and potentially financial implications.

There are precautions users can take to avoid becoming the next victim of cybercrime. Anti-virus software, user education and implementing sound security practices can help mitigate online threats. But as French warns, “Security must always be at the forefront of people’s minds. In a situation where users are not confronted with viruses every day, they may not think anything of opening an email file that looks like a pdf but actually turns out to be a virus. In fact, many people do not even realise they opened a virus until much later. For example, Cryptolocker notifies its victims about the security breach only after it has encrypted everything on the victim’s computer. Educating individuals to spot phishy emails and recognise file extensions can mean the difference between a clean computer and a malicious one.”

To thwart off a network attack, it is important to install the correct software and hardware – network firewall, VPN, IPS, and password policies to name a few. And just like user security training, it’s important for IT administrators to keep all software up to date. As French explains, “Exploits are discovered in software all the time and are usually published. The provider will push out updates or patches to fix the security holes as they arise, but having out-of-date software or signatures leaves a network open to known issues any attacker can take advantage of. That’s why it is critical to update software or firmware running on a home or business network.” Keeping track of security layers and ensuring that they remain up to date can protect against future IT threats.