Cyber attacks may get more virulent, Cisco, Kaspersky warn
By James Ratemo, Nairobi, Kenya
Cyber attackers are using more subtle methods to infiltrate corporate networks with the aim of stealing vital information or simply causing mayhem. This is according to Kaspersky Lab and Cisco, who say IT security experts should up their game in educating users on how to ward off potential attackers.
Whether they use Windows or Mac, all users must be vigilant, says Kaspersky Lab.
According to Kaspersky Lab, no system can be considered entirely secure from cyber threats; therefore extra tools are needed to ensure online security.
Bethwel Opil, Channel Sales Manager East Africa at Kaspersky Lab, said in an interview that cyber attackers are using individual employees’ gadgets as entry points to corporate networks.
This means despite their having made a huge investment in IT security solutions, corporates could still fall victim to cyber attackers if their staff have not been educated about how to keep safe, he said.
Opil said mobile and online banking could be the next frontier for cyber criminals as they move to steal money and the identities of unsuspecting customers.
The reason cyber goons would target these platforms is the numbers involved. Millions of Kenyans have adopted mobile and online banking, which was not the case a decade ago, says Opil.
The Cisco 2015 Annual Security Report released on Tuesday also reveals that organizations must adopt an ‘all hands on deck’ approach to defend against cyber attacks.
“Attackers have become more proficient at taking advantage of gaps in security to evade detection and conceal malicious activity. Defenders, namely, security teams, must be constantly improving their approach to protect their organization from these increasingly sophisticated cyber attack campaigns,” the Cisco report reads in part.
The Cisco report findings conclude that it is time for corporate boards to take a role in setting security priorities and expectations.
“Online criminals are expanding their tactics and morphing their messages to carry out cyber-attack campaigns and make it harder to detect them,” says the report dubbed Cisco 2015 Annual Security Report.
“Users are caught in the middle. Not only are they the targets, but end-users are unknowingly aiding cyber attacks. Throughout 2014, Cisco threat intelligence research revealed that attackers have increasingly shifted their focus from servers and operating systems as more users are downloading from compromised sites leading to a 280% increase in Silverlight attacks along with a 250% increase in spam and malvertising exploits,” adds Cisco.
Results from Cisco’s Security Benchmark Study, which surveyed Chief Information Security Officers (CISOs) and Security Operations executives at 1700 companies globally, reveal a widening gap in defender intent and actions.
Specifically, the study indicates that 75 percent of CISOs see their security tools as very or extremely effective. However, less than 50 percent of respondents use standard tools such as patching and configuration to help prevent security breaches and ensure that they are running the latest versions. Heartbleed was a landmark vulnerability last year, yet 56% of all OpenSSL versions are over 4.5 years old. That is a strong indicator that security teams are not patching.
While many defenders believe their security processes are optimized and their security tools are effective, in truth, their security readiness likely needs improvement.
“Security is now the responsibility of everyone within an organization, from the board room to individual users…to protect organizations against attacks across the attack continuum, CIOs need to ensure that their teams have the right tools and visibility to create a strategic security posture, as well as educate users to aid in their own safety and the safety of the business,” said Sabrina Dar, GM, Cisco East Africa.
According to Kaspersky Lab, the increasing popularity of Apple devices in recent years has led to cybercriminals taking more and more interest in the OS X and iOS operating systems, thus putting users’ data and privacy – as well as their money – under threat.
A joint study by Kaspersky Lab and B2B International found that one in four Mac desktop users encountered a malware programme last year. The study also indicated that 21% of these cyber-attacks led to financial losses, including the costs of buying software to restore the system or hiring IT specialists to disinfect the machine.
“Wirelurker, a recently-detected Trojan, is a vivid example of malware specifically designed to target Apple users. In the 6 months prior to its detection it was downloaded 356,000+ times from an alternative app store, so it could have infected a significant number of computers,” said Kaspersky.
Wirelurker is unique in that it exploited a hitherto-unknown vulnerability to spread to any Apple iOS devices that were connected to an infected computer. The Trojan could even infect devices that had not been ‘jail-broken’, that is, opened up to download apps from third-party sources. The net result was that users of OS X, an operating system believed to be safe from malware, inadvertently infected devices running under iOS.
However, viruses and other types of malware are not the only threats to users of Mac devices. Network attacks and online fraud, for example, do not need to install any malicious software on a victim’s device. Phishing is one of these threats. Interestingly, the percentage of OS X users who encountered financial threats is even higher than for users in general. 51% of users with OS X computers said they encountered financial threats within the past year; for users in general the figure is 43%.
These statistics are supported by data from Kaspersky Security Network: of all OS X phishing attacks detected by Kaspersky Lab over the period from November 2013 through October 2014, 44% aimed at stealing financial data. In other environments, the share of financial phishing is 26%.
OS X users should also remain alert to other cross-platform threats, such as vulnerabilities in the software installed on their devices. For example, the ShellShock vulnerability published in September 2014 potentially allows a cybercriminal to execute any code, including malicious code, on a computer. If cybercriminals discover such security loopholes before anyone else, they have a window of opportunity in which they can exploit the vulnerability for malicious ends before the manufacturer of the OS can fix the problem.