
The biggest malware threats of 2014 and top 2015 predictions

03 Dec 14

This year has been significant for cyber security, according to Bitdefender, the internet security software provider. In 2014, security threats involved high-level security breaches, large-scale vulnerabilities and privacy debates.

Attacks against infrastructures have become increasingly sophisticated, says Bitdefender. Companies have become the focus of targeted attacks by hackers who want to take advantage of the wide surface area to launch ever-growing cybercrime campaigns and extract valuable data. Financial data is among the most valuable and targeted information.

Ransomware also continues to evolve, moving to new platforms and operating systems, despite the fact that the June takedown of the Zeus botnet temporarily stopped the spread of CryptoLocker.

BlackPOS, Koler and CryptoLocker were three of the most significant malware threats of 2014.

Targeting customers of major banks, BlackPOS takes credit and debit card data from point-of-sale (POS) systems running Microsoft Windows.

It was created by a hacker known as ‘Antikiller’ and is disguised as software from a recognisable AV vendor. It uses RAM scraping to grab card data from the memory of the POS device, sends it to a compromised server, and uploads it to an FTP server.

Bitdefender recommends that enterprises and large organisations implement a multi-layered security solution to ensure networks are protected against vulnerabilities in systems and applications.

First reported in May 2015, Koler is Android Trojan malware that poses as a valid video player offering premium access to pornography and downloads automatically during a browsing session.

When the Trojan infects a machine, it prevents the user from accessing mobile home screens. A message from ‘the national police service’ says the user has been monitored accessing child abuse websites and demands payment to prevent prosecution.

For this type of malware, Bitdefender says users should install a mobile security solution.

CryptoLocker is a prolific ransomware Trojan that uses encryption to lock computer files and demands a ransom to decrypt the files.

It was first noticed in September 2013 and comes as a malicious attachment with spam. Should a user open the attachment, the malicious .exe files are downloaded and executed. Once CryptoLocker has access to a computer, it connects to randomly generated domains to download a 2048-bit RSA public key used to encrypt computer files.

Decryption is almost impossible with the RSA public key alone, as it requires the corresponding private key, which remains hidden.

Over 500,000 users have fallen victim to this malware. In order to prevent a safety breach, Bitdefender says users should ensure their operating system and security software are regularly updated.

Looking to 2015, Bitdefender predicts five key trends. It says mobile payment technologies will bring new security challenges, botnet anonymisation will further help cybercriminals to make huge profits, and open source software vulnerabilities and intentional backdoors will be exploited.

Furthermore, in 2015 the use of personal smart devices connected to enterprise networks will be exploited to access enterprise systems, and cybercrime will profit from selling crimeware kits on specialised forums and black markets.
