Hackers increasingly went mobile last year, with Point of Sale terminals also key targets, Trend Micro report reveals
The major cyberattack on Sony Pictures, along with headline threats such as Heartbleed and Shellshock, helped make 2014 one of the biggest years on record for cyber security, according to a leading vendor.
Trend Micro’s annual security round-up report said that the attack cost Sony around $100m and compromised around 100 terabytes of data, making it the most prolific in a chequered year for the security industry.
Elsewhere, the report, entitled, “Magnified Losses, Amplified Need for Cyber-Attack Preparedness” also found that mobile and ecommerce threats grew as hackers began targeting an ever increasing business sector.
“The past year was unprecedented in terms of the size and scope of cyber-attacks as evidenced by the Sony situation,” said Tom Kellermann, Trend Micro’s chief cybersecurity officer. “Unfortunately, this will most likely be a ‘sneak peek’ of what is to come.”
The report stated that 2014 saw a switch to “quality over quantity” by hackers, as cyberattacks became increasingly more complex in order to evade detection.
“Quality over quantity was a resounding theme in the 2014 threat landscape, reflected in part by the overall volume of malicious components we identified and blocked throughout the year,” wrote Trend Micro.
“Web threats largely remained multicomponent in nature. However, as security events proved, attackers continued to fine tune their strategies even if these were not original to obtain not just more victims but more desirable ones.”
The report’s findings also confirmed Trend Micro’s late 2013 prediction that one sizable data breach would occur every month – further emphasising the need for organisations to protect their networks and implement intrusion detection.
One particular area of concern was mobile commerce, with the report uncovering a huge increase in attacks on in-store Point of Sale (PoS) terminals, leading the company to dub 2014 the “Year of PoS malware.”
Fuelled by an ongoing demand for stolen credit card data in cybercriminal underground markets, the company says that PoS breaches are close to becoming a mainstream threat, with reports of security incidents coming in at least once a month.
These attacks eventually led to several high-profile targets, including eBay, Staples and Office, losing millions of customer data to attackers month after month.
Online and mobile banking also faced bigger security challenges, the report found, proving that two-factor authentication was no longer enough to secure sensitive transactions.
“All in all, it’s a combination of identifying what’s most important, deploying the right technologies, and educating users,” added Raimund Genes, CTO, Trend Micro. “It is everybody’s job – not just those of IT professionals – to ensure that the company’s core data stays safe.”
Are you a security pro? Try our quiz!