CYBERSECURITY
image

Focus

From ransomware to cyberwar, 2015 will be a perilous year for Internet security

PUBLISHED : Sunday, 28 December, 2014, 1:20am
UPDATED : Sunday, 28 December, 2014, 10:29am

Will 2015 be a happy new year for internet users? Not if cyber-criminals have their way.

Online security companies have been making predictions for 2015, from the malware that will be trying to weasel its way on to our computers and smartphones to the prospect of cyberwar involving state-sponsored hackers.

Here's a summary of what you should be watching out for.

 

Preying on innocence

The more we do and share online, the more vulnerable we may be to "targeted" attacks.

"It is possible that our willingness to share and shop online will let criminals become more selective about who they target," suggests Stephen Bonner of KPMG.

"They won't need to maintain the current 'hit and hope' approach of spear phishing, instead only attacking specific users and computers based on the data these give away about owners."

 

Invading our health

Health care is also expected to be a target.

"Companies operating in the sector are a privileged target because of the wealth of personal data they manage, and that represents a precious commodity in the criminal underground," notes InfoSec Institute.

"Health care data is valuable because medical records can be used to commit several types of fraudulent activities or identity theft. Their value in the hacking underground is greater than stolen credit card data."

WebSense's Carl Leonard agrees, adding: "The health care industry is a prime target for cybercriminals. With millions of patient records now in digital form, health care's biggest security challenge in 2015 will be keeping personally identifiable information from falling through security cracks and into the hands of hackers."

 

Holding users ransom

One of the most common forms of malware in 2014 was "ransomware"- cybercriminals trying to extort money from victims either by locking their devices and demanding a fee to release them, or by accusing them of various unpleasant crimes.

"Users should remain sceptical of any message accusing them of various crimes such as zoophilic behaviour and distributing child pornography," claims BitDefender.

Symantec notes the growth of one particular strain of ransomware, Cryptolocker, which it claims accounted for 55 per cent of all attacks in October.

"Holding encrypted files for ransom is not entirely new, but getting the ransom paid has previously proven problematic for the crooks," Symantec explains.

"However recently ransomware makers have started leveraging online and electronic payment systems such as Bitcoins, Webmoney, Ukash, greendot (MoneyPak) to get around this challenge.

"Crooks like the relative anonymity and convenience of electronic payments and these are already readily available, putting businesses and consumers at greater risk from losing data, files or memories."

 

Payments become a target

One of the big announcements for Apple in 2014 was the launch of its mobile payments service, Apple Pay. However, security companies expect cybercriminals to make a concerted effort to crack it and rival services in 2015.

"Not all of these payment systems have been thoroughly tested to withstand real-world threats, and we may see attacks targeting mobile commerce in 2015," warns Trend Micro.

Symantec adds: "Apple Pay certainly addresses some of the weaknesses that have facilitated recent attacks on point-of-sale (PoS) systems. However, this should not be cause for complacency, since attackers will usually look for other weaknesses once an avenue of attack has been closed off."

How popular Apple Pay and rivals are will also be a factor.

"Criminal hackers tend to attack popular platforms where the yield is likely high. If no one adopts Apple Pay, then no one will target it," says Kaspersky.

 

All platforms under threat

It is now traditional for Apple's senior executives to take public pops at Android over malware, hammering home their claims that the biggest rival to iOS has more security problems. Will they be able to continue that line of attack in 2015?

"The Masque bug in iOS and the corresponding WireLurker malware targeting iOS devices via Apple and Windows port-machines had a lot of experts saying that the age of Apple malware is finally upon us," says Kaspersky, although it also points out that this is still most likely to affect people who have jailbroken their devices.

"Apple's closed-by-default ecosystem makes it harder for malware to successfully take hold of the platform, though some users - particularly those that like to use pirated software - will disable these features."

Others suggest that Android will remain the principal target for cybercriminals, as well as predicting a more general increase in mobile scams and attacks.

"We will see more vulnerabilities found in mobile devices, apps and platforms in the coming year. Cybercriminals will target data stored in these mobile devices," claims Trend Micro.

"A new exploit kit specifically developed to compromise mobile platforms will be available in the wild," adds InfoSec Institute.

"The attacks will benefit from a significant increase of phishing attacks on mobile devices, as malicious links and applications downloaded from third-party stores redirect users to websites hosting the malicious exploit kit. Once visited by victims, their mobile will become infected."

 

Exposing open-source flaws

Some of the most high-profile vulnerabilities of 2014 - Shellshock and Heartbleed - provoked discussion about the security of open-source code. Several security companies expect this debate to continue into 2015.

"These vulnerabilities were undetected for years and were only brought into the light recently," suggests Trend Micro. "Due to the massive impact of these vulnerabilities, cybercriminals may decide to investigate the existing code and see if other dormant vulnerabilities are present."

"From Heartbleed to Shellshock, it became evident there are significant pieces of insecure code used in a large number of our computer systems today," adds Sophos. "The events of 2014 have boosted the cybercriminals' interest in typically less-considered software and systems - so businesses should be preparing a response strategy."

WebSense agrees. "Old source code is the new Trojan horse waiting to be exploited, and open-source code is only the beginning. With so much code written and in use, it's impossible to catch every dormant exposure point until they've been executed," says Leonard.

 

Darknet to get even murkier

Meanwhile, technology like Tor - currently used for a variety of reasons, including activists anonymising their online activities when under pressure from authoritarian governments - will also be used by more cybercriminals in 2015.

"We've seen cybercriminals leveraging Deep Web and other darknet services as well as untraceable peer-to-peer networks for selling and exchanging tools and services," says Trend Micro. "Takedowns and collaborative efforts between researchers and law enforcement agencies have disrupted cybercrime gangs, giving them more reasons to go further underground."

BAE's cyber security boss Scott McVicar also thinks criminals will "go to greater lengths" to hide their identity, which will have an impact on efforts to identify them and nullify their efforts.

 

Watch for unsocial networks

In the social space, the huge number of people using networks like Facebook is proving an appetising target for malware developers.

"Malicious links hidden in atrocious Facebook videos will be on the rise in 2015," warns BitDefender."Malicious 'beheading and murder' videos are expected to multiply in the following year. ehaviour analysts and psychologists say teenagers are the most susceptible to clicking on shocking videos, as their empathy for victims of violence is lower."

Proofpoint has statistics on the growth of this kind of threat, explaining: "In 2014, [we] found a 650 per cent increase in social media spam compared to 2013, and 99 per cent of malicious URLs in inappropriate content led to malware installation or credential phishing sites.

"In 2015, Proofpoint expects inappropriate or malicious social media content to grow 400 per cent as attackers target enterprise social media accounts to perpetrate confidence schemes, distribute malware, and steal customer data."

 

Tangled by home connections

As more of our devices talk to one another - a mass of interconnections known as the Internet of Things (IoT) - there may also be a range of new security headaches to consider.

"While at present subscribers play an active role in spam prevention by reporting incidents to their operators, with IoT the challenge will be spotting the threats that can infect IoT devices," claims AdaptiveMobile. " The responsibility will fall on the operator to secure IoT services and devices at the network level."

WebSense thinks that in 2015, attacks on the Internet of Things will focus more on businesses than individuals with gadgets.

"While many hacks of refrigerators, home thermostats and cars have found their way to the headlines, the likelihood of a major attack campaign via connected household items in the age of the Internet of Things is minimal," it claims.

"While you may have to worry about cybercriminals successfully melting your butter or spoiling the milk in your refrigerator, there is little reward in attacks against your connected domestic devices. The criminal element has set its sights elsewhere."

 

Held hostage by rogue elements

As 2014 ends with the now-infamous hack of Sony Pictures - with intense debate about whether North Korea was involved - security firms see 2015 bringing a greater prospect of cyberattacks on behalf of nation states, even if they don't run them themselves.

"Cyber warfare is very attractive to small nations," notes InfoSec Institute.

"The development of a government-built malware is cheaper than any other conventional weapon and far more accessible to any nation state. Cyber warfare represents for every government an efficient alternative to conventional weapons.

"North Korea, Syria, and Iran are among the countries that have developed great capabilities that pose a serious threat to major Western states. The risk of a serious attack on the critical infrastructure of a Western government is high, and its attribution will be even more difficult."

The boundaries between cybercriminal gangs and governments may also blur, with Kaspersky predicting: "Criminal groups will increasingly adopt nation-state tactics.

"State-sponsored, advanced persistent threat hacking groups, like we've seen in cases such as DarkHotel, Regin and Crouching Yeti/Energetic Bear, will begin to merge with hacking campaigns perpetrated by criminals, like those targeting JP Morgan Chase, Target and others.

"State groups could also contract their espionage activities out to criminal groups that will use criminal tools and expertise to perform spying activities, steal intellectual property or gather intelligence about vulnerabilities in critical infrastructure systems at the behest of government groups."