|[January 14, 2014]
AhnLab Announces 'Top 7 Security Concerns for 2014'
SAN FRANCISCO --(Business Wire)--
AhnLab, a leading provider of information security products for
enterprise business environments, today announced its "Top 7 Security
Concerns for 2014".
"It's a never ending battle in the cyber trenches and in the cloud,"
said Luke Lee, Director of ASEC (AhnLab Security Emergency Response
Center). "Our researchers in the ASEC work nonstop using AhnLab Smart
Defense and our other proprietary technologies to identify and stop
APTs, advanced threats, and other malware created by cyber criminals
before they steal and/or inflect damage."
Because AhnLab is immersed in the cyber trenches and the cloud, the ASEC
team is very experienced monitoring trends and keeping tabs on what is
being developed by cybercriminals worldwide. AhnLab publishes results
and trends in its monthly ASEC Report, but the following are the key
security concerns that the ASEC team will be paying attention to in 2014.
1) Malware targeting end users will grow more sophisticated, just
like the ones used in APT (News - Alert)-type of attacks
APTs (Advanced Persistent Threats), and other advanced targeted attacks,
delivered immense damages worldwide. The latest attack was the theft of
account information from 70 million Target (News - Alert) customers in the US in late
2013. In 2014, malware aimed at end users will be even more advanced,
like the ones used in APT attacks. In other words, advanced threat
(malware) will target not only organizations but individual users.
OnlineGameHack, which is designed to steal online game accounts, is on
its way to being transformed to banking malware, which steals banking
credentials. APT-types of threats are not much different from watering
hole attacks* which exploits zero-day vulnerabilities. In addition, the
number of bitcoin-mining malware attacks will increase.
*Watering hole attack: A watering hole attack occurs when an attacker
infuses a niche Web site with malicious code, and then relies on
anticipated traffic from desired targets for subsequent infections. Web
sites compromised with SQL injection, malicious iFrames or cross-site
scripting code will automatically infect users once they visit the site.
2) Hardware-based malware distribution will increase
Firmware is the combinatin of persistent memory and program code and
data stored in the hardware devices. In 2014, cyber criminals will
accelerate their distribution of malware via hardware, including
firmware, to avoid being detected. In April 2013, BIOS (a kind of
firmware) source code was leaked from the vendor. The backdoor in the
specific firmware was found in October. In a stranger occurrence, in
November, some irons imported from China into Russia allegedly showed
evidence of including wireless spy chips that could connect to
unprotected Wi-Fi networks and spread viruses.
3) Acceleration of industrialization of online banking fraud and
Cybercrime will continue to grow as a business. In 2013, there were many
types of online banking frauds including (voice) phishing, pharming,
smishing (SMS+phishing) and memory modification. Experts point out that
banking malware continues to become more sophisticated. We expect that
malware authors will continue to target the financial sector. In
addition to banking being a prime target, government,
telecommunications, and manufacturing will continue to be high on the
4) Attackers will find easier ways to distribute malware
In 2014, attackers will utilize even more cost-effective ways to
distribute malware. Already, cyber criminals can rent botnets to spread
malware, rather than develop their own. We predict that, for example,
they will try to compromise CDN (Content Delivery Network) providers,
domain providers and/or ISPs so that the users can easily get infected
when they visit the websites connected with compromised content from
5) Increased probability of encountering malware, as Microsoft (News - Alert) stops
the support of Windows XP
Support for Windows XP SP3 and Office 2003 will end on April 8th, 2014.
This means that users will no longer get security updates (patches) for
Windows XP from Microsoft. It is obvious that the attackers will exploit
security flaws of XP and IE 6 to 8, as many PC users are still using
them. Home users will have to rely on antivirus, internet security,
firewalls and other third-party security solutions. Both home and
business desktop users will need to update their OS. Also, Mac users are
not immune from attacks!
6) Targeted mobile malicious app will appear
In our research, malicious apps focused on the Android (News - Alert) OS are becoming
more similar to PC malware in terms of volume and targeting. As PC
malware from cybercriminals goes lower in volume, yet highly targeted,
android malicious apps will experience the same scrutiny. This is
because to decrease the risk of detection, attackers will aim their
attacks at the mobile devices of key people and individuals in
businesses, companies, and in the government, rather than the mass
market. Their damage can be even greater. There are major risks to BYOD!
7) Cyber warfare will become more visible and intense
We're not saying that cyber warfare wasn't there before Edward Snowden
unveiled classified NSA documents. His actions will result in cyber
warfare becoming a greater area of concern and a top priority in
national and international security.
AhnLab creates agile, integrated Internet security solutions for
enterprise and government. Founded in 1995, AhnLab is a global leader in
security research and delivers comprehensive network protection products
that stop malware and other sophisticated threats dead. By combining
dynamic signature-less boundary analysis, big-data analytics, and
proactive endpoint protection, AhnLab delivers best-of-breed breach
prevention that scales easily for the largest high-speed networks.
AhnLab's approach combines with exceptional scalability to create truly
global protection against attacks that evade traditional security
defenses and first & second-generation malware systems. That's why more
than 25,000 organizations rely on AhnLab's award-winning products and
services to make the Internet safe and reliable for their business
To learn more about AhnLab and AhnLab MDS, visit AhnLab online at: http://www.ahnlab.com.
[ InfoTech Spotlight's Homepage ]