CHANNELS

Subscribe to the InfoTech eNewsletter

infoTECH News

TMCNet:  AhnLab Announces 'Top 7 Security Concerns for 2014'

[January 14, 2014]

AhnLab Announces 'Top 7 Security Concerns for 2014'

SAN FRANCISCO --(Business Wire)--

AhnLab, a leading provider of information security products for enterprise business environments, today announced its "Top 7 Security Concerns for 2014".

"It's a never ending battle in the cyber trenches and in the cloud," said Luke Lee, Director of ASEC (AhnLab Security Emergency Response Center). "Our researchers in the ASEC work nonstop using AhnLab Smart Defense and our other proprietary technologies to identify and stop APTs, advanced threats, and other malware created by cyber criminals before they steal and/or inflect damage."

Because AhnLab is immersed in the cyber trenches and the cloud, the ASEC team is very experienced monitoring trends and keeping tabs on what is being developed by cybercriminals worldwide. AhnLab publishes results and trends in its monthly ASEC Report, but the following are the key security concerns that the ASEC team will be paying attention to in 2014.

1) Malware targeting end users will grow more sophisticated, just like the ones used in APT (News - Alert)-type of attacks

APTs (Advanced Persistent Threats), and other advanced targeted attacks, delivered immense damages worldwide. The latest attack was the theft of account information from 70 million Target (News - Alert) customers in the US in late 2013. In 2014, malware aimed at end users will be even more advanced, like the ones used in APT attacks. In other words, advanced threat (malware) will target not only organizations but individual users. OnlineGameHack, which is designed to steal online game accounts, is on its way to being transformed to banking malware, which steals banking credentials. APT-types of threats are not much different from watering hole attacks* which exploits zero-day vulnerabilities. In addition, the number of bitcoin-mining malware attacks will increase.

*Watering hole attack: A watering hole attack occurs when an attacker infuses a niche Web site with malicious code, and then relies on anticipated traffic from desired targets for subsequent infections. Web sites compromised with SQL injection, malicious iFrames or cross-site scripting code will automatically infect users once they visit the site.

2) Hardware-based malware distribution will increase

Firmware is the combinatin of persistent memory and program code and data stored in the hardware devices. In 2014, cyber criminals will accelerate their distribution of malware via hardware, including firmware, to avoid being detected. In April 2013, BIOS (a kind of firmware) source code was leaked from the vendor. The backdoor in the specific firmware was found in October. In a stranger occurrence, in November, some irons imported from China into Russia allegedly showed evidence of including wireless spy chips that could connect to unprotected Wi-Fi networks and spread viruses.

3) Acceleration of industrialization of online banking fraud and cybercrime

Cybercrime will continue to grow as a business. In 2013, there were many types of online banking frauds including (voice) phishing, pharming, smishing (SMS+phishing) and memory modification. Experts point out that banking malware continues to become more sophisticated. We expect that malware authors will continue to target the financial sector. In addition to banking being a prime target, government, telecommunications, and manufacturing will continue to be high on the list.

4) Attackers will find easier ways to distribute malware

In 2014, attackers will utilize even more cost-effective ways to distribute malware. Already, cyber criminals can rent botnets to spread malware, rather than develop their own. We predict that, for example, they will try to compromise CDN (Content Delivery Network) providers, domain providers and/or ISPs so that the users can easily get infected when they visit the websites connected with compromised content from ISPs.

5) Increased probability of encountering malware, as Microsoft (News - Alert) stops the support of Windows XP

Support for Windows XP SP3 and Office 2003 will end on April 8th, 2014. This means that users will no longer get security updates (patches) for Windows XP from Microsoft. It is obvious that the attackers will exploit security flaws of XP and IE 6 to 8, as many PC users are still using them. Home users will have to rely on antivirus, internet security, firewalls and other third-party security solutions. Both home and business desktop users will need to update their OS. Also, Mac users are not immune from attacks!

6) Targeted mobile malicious app will appear

In our research, malicious apps focused on the Android (News - Alert) OS are becoming more similar to PC malware in terms of volume and targeting. As PC malware from cybercriminals goes lower in volume, yet highly targeted, android malicious apps will experience the same scrutiny. This is because to decrease the risk of detection, attackers will aim their attacks at the mobile devices of key people and individuals in businesses, companies, and in the government, rather than the mass market. Their damage can be even greater. There are major risks to BYOD!

7) Cyber warfare will become more visible and intense

We're not saying that cyber warfare wasn't there before Edward Snowden unveiled classified NSA documents. His actions will result in cyber warfare becoming a greater area of concern and a top priority in national and international security.

About AhnLab

AhnLab creates agile, integrated Internet security solutions for enterprise and government. Founded in 1995, AhnLab is a global leader in security research and delivers comprehensive network protection products that stop malware and other sophisticated threats dead. By combining dynamic signature-less boundary analysis, big-data analytics, and proactive endpoint protection, AhnLab delivers best-of-breed breach prevention that scales easily for the largest high-speed networks. AhnLab's approach combines with exceptional scalability to create truly global protection against attacks that evade traditional security defenses and first & second-generation malware systems. That's why more than 25,000 organizations rely on AhnLab's award-winning products and services to make the Internet safe and reliable for their business operations.

To learn more about AhnLab and AhnLab MDS, visit AhnLab online at: http://www.ahnlab.com.


[ InfoTech Spotlight's Homepage ]


blog comments powered by Disqus

FOLLOW US

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter