IT Brief New Zealand - Technology news for CIOs & IT decision-makers
Story image
The biggest malware threats of 2014 and top 2015 predictions
Wed, 3rd Dec 2014
FYI, this story is more than a year old

This year has been significant for cyber security, according to Bitdefender, the internet security software provider. In 2014, security threats involved high-level security breaches, large-scale vulnerabilities and privacy debates.

Attacks against infrastructures have become increasingly sophisticated, says Bitdefender. Companies have become the focus of targeted attacks by hackers who want to take advantage of the wide surface area to launch ever-growing cybercrime campaigns and extract valuable data. Financial data is among the most valuable and targeted information.

Ransomware also continues to evolve, moving to new platforms and OS systems, despite the fact that the June takedown of the Zeus botnet temporarily stopped the spread of Cryptolocker.

BlackPOS, Koler and CryptoLocker were three of the most significance malware threats of 2014.

Targeting customers of major banks, BlackPOS takes credit and debit card data from point-of-sale (POS) systems running Microsoft Windows systems.

It was created by a hacker known as ‘Antikiller’ and is disguised as a recognisable AV vendor software. It uses RAM scraping to grab card data from the memory of the POS device, withdrawing it to a compromised server, and uploading it to a FTP.

Bitdefender recommends enterprises and large organisations to implement a multi-layered security solution to ensure networks are protected against vulnerabilities in systems and applications.

First reported in May 2015 Koler, Android Trojan malware, poses as a valid video player offering premium access to pornography, and downloads automatically during a browsing session.

When the Trojan infects a machine, it prevents the user from accessing mobile home screens. A message from ‘the national police service’ says the user has been monitored accessing child abuse websites and demands payment to prevent prosecution.

For this type of malware, Bitdefender says users should install a mobile security solution.

CryptoLocker is a prolific ransomware trojan that uses encryption to lock computer files and demands a random to decrypt the files.

It was first noticed in September 2013 and comes as a malicious attachment with spam. Should a user open the attachment, the malicious .exe files are downloaded and executed. Once CryptoLocker has access to a computer, it connects to randomly generated domains to download a 2048-bit RSA public key used to encrypt computer files.

Decryption is almost impossible with the RSA public key as it requires the hidden corresponding private key.

Over 500,000 users have fallen victim to this malware. In order to prevent a safety breach, Bitdefender says users should ensure their operating system and security software are regularly updated.

Looking to 2015, Bitdefender predicts five key trends. It says mobile payment technologies will bring new security challenges, Botnet anonymisation will further help cybercriminals to make huge profits, and open source software vulnerabilities and intentional backdoors will be exploited.

Furthermore, in 2015 the use of personal smart devices connected to enterprise networks will be exploited to access enterprise systems, and cybercrime will profit from selling crimeware kits on specialised forums and black markets.