Trend Micro’s Q1 Security Roundup report reveals that attackers are devising ever more sophisticated operational techniques to utilize “unlikely sources to carry out high-profile exploits” against high-value targets that are most likely to be well defended.
The report indicates that malware targeting online banking is proliferating, with a three percent increase over Q1 2013, and that there has been an unprecedented surge in mobile malware and malicious applications – now estimated at 2 million variants introduced since the debut of the Android platform.
“Greed is motivating cybercriminals to take a non-traditional approach in the selection of unlikely targets, such as advanced threats to Point-of-Sale (PoS) terminals and the exploitation of disasters. Though well protected, these new targets are in the crosshairs of emboldened cybercriminals around the world,” the report states.
Key findings in the report include:
- Mobile Threats: The mobile threat landscape continues to grow at an even faster pace than last year as the total number of mobile malware and high-risk apps grew to 2 million this quarter. The explosion of repackaged apps—those that have been maliciously tampered with to pass Android’s’ security features—also contributed to the huge spike in mobile malware and high-risk app volume growth
- Cybercrime and the Cybercriminal Underground: This quarter’s online banking malware volume significantly dropped from the end of 2013. This year’s first quarter number did not differ much from the same timeframe one year ago, and the high numbers at the close of last year could be attributed to the holiday season when cybercriminals pursue online shoppers
- Targeted Attack Campaigns and Cyber Attacks: Reports of PoS system infiltration in the United States, particularly in retail and hospitality, as well as insider threats targeting South Korean credit card companies highlighted the need for customized defense strategies
- Digital Life and the Internet of Everything: A new-generation of exploits took the app ecosystem by storm this quarter. These apps cater to users’ desire to anonymously share content, send off-the-record messages, and share media. Along with observing more social engineering scams, several devices in the Internet of Everything (IoE) market were scrutinized, as security researchers exposed gaping vulnerabilities
“Organizations continued to struggle with attacks that were targeted in nature, which could be directly aimed at the energy, financial, healthcare, and retail industries or critical infrastructure,” said JD Sherry, vice president of technology and solutions, Trend Micro.
“It came down to a simple equation—high-value targets that promised massive payouts were compromised despite the determined efforts of organizations to protect their valuable information.”
Read More Here…