Targeted attacks are to become as prevalent as ordinary cyber-crime, with new threats also targeting connected appliances, mobile platforms and online banking, says Trend Micro
Targeted attacks are to become as prevalent as ordinary cyber-crime in 2015, with “brutal” tactics being employed by hackers from a growing number of countries, including the UK, according to a new report from Trend Micro.
High-profile breaches in the US achieved using targeted methods will encourage wider use of such techniques, the Texas-based security firm said in its report (PDF), “The Invisible Becomes Visible”, which also highlights the dangers facing mobile payment systems, “Internet of Things” (IoT) connected appliances and mobile device platforms.
Targeted attacks on the rise
“Targeted attacks will no longer just be associated with countries like the United States or Russia,” Trend Micro said in the report. “We’ve seen such attacks originate from other countries like Vietnam, India, and the United Kingdom. We’ve seen threat actors set their sights on countries like Indonesia and Malaysia.”
Raimund Genes, chief technology officer of Trend Micro, added that what is most striking is the “velocity and brutal measures” cyber-criminals use to steal data.
“Hackers from other countries will regard cyber-attacks as a more practical method to grab a foothold in an organisation,” Genes said in a statement.
The vectors for targeted attacks will increasingly include not only spear-phishing emails or watering-hole tactics, but also social media and the exploitation of router vulnerabilities, Trend said.
The spread of Near-Field Communication (NFC)-based payment systems such as Apple Pay are expected to open up another significant attack vector in the coming months, and Trend Micro warned that users shouldn’t expect the technology to be bulletproof.
“As NFC is poised to become more relevant than ever, users should realise that attackers can and will find ways to intercept NFC tags in transit,” the company said.
While Internet of Things devices will not themselves face mass hacks in the immediate future due to their “technological diversity”, the data they process will be targeted by hackers, Trend said.
“From 2015 onward, users will start to realise that virtually all devices and apps, including smart devices and appliances, that access the web can be hacked,” stated the company.
Mobile devices such as smartphones will face more widespread threats, with Trend expecting an exploit kit similar to Blackhole to appear targeting platforms such as Android and iOS, automating the exploitation of mobile vulnerabilities. The company recommended users to keep their devices updated to help fend off such threats.
Trend said it expects to see the increasing use of the “darknets”, technologies such as Tor that enable Internet anonymity, by cyber-crooks – who will increasingly even encourage users to go into “the deep recesses of the web”, as occurred in the recent leaks of celebrity photos.
The company said it also expects the appearance of more advanced hacking tools and campaigns; increased exploitation of vulnerabilities in open source software; and more severe threats to online banking.
Are you a security pro? Try our quiz!