Thursday, September 3, 2015

Five years of hardware and software threats – Managers Online

Ransomware is growing at 127 percent a year

September 2, 2015 Intel Security published yesterday McAfee Labs Threats Report: August 2015 that addresses malware for graphics processors, methods used by cyber criminals to lock away data and a look back at how the threat landscape has evolved over the past five years.

McAfee Labs is celebrating the fifth anniversary of the Intel-McAfee with a comparison between what researchers beginning in 2010 thought that would happen and what actually happened on the area of ​​hardware and software threats. Leading researchers and managers have looked at the predictions about the security capabilities of processors, the challenges emerging, difficult to detect attacks involve and expectations in 2010 on new types of devices and the realities of today.
 
Threat Landscape
 The analysis of the threat landscape over the last five years:
 
 

  • Intel provided security threats aimed at hardware and firmware components, and which threaten the runtime integrity.

    •  

  • Non-current attacks and malware increasingly ‘under the radar’ can remain are indeed no surprise to Intel Security, but some of the specific tactics and techniques were unimaginable five years ago.

    •  

  • Although the volume of mobile devices have increased faster than was thought, the number of serious, broad attacks on these devices has grown much more slowly than anticipated.

    •  

  • The researchers see the start of IoT devices and attacks against security breaches.

    •  

  • ‘industrialization of hacking: cybercrime has become a complete industry, suppliers, markets, service providers, financing, trading systems and a proliferation of business models

    • .
     

  • The direction of cloud has changed the nature of some attacks, devices will not be attacked to the (small) amount of information contained in them, but as a path to locations where the important data are located.

    •  

  • Businesses and consumers still pay insufficient attention to updates, patches, security passwords, security alerts, defaults and other simple but critical ways to regulate the security and online devices properly.

    •  

  • The discovery of vulnerabilities in the core of the internet and abusing them, shows that for some basic techniques too little money and too little manpower is available.

    •  

  • There is a growing and positive collaboration between the security industry, academic institutions, law enforcement agencies and governments to tackle cyber crime.

    •  

 
Threat Evolution
 “We were impressed by the extent to which three key factors – increasing attack capabilities, the industrialization of hacking, and the complexity and fragmentation of the IT security market – the evolution of threats and the frequency and severity of attacks have accelerated,” says Wim van Campen, VP Northern and Eastern Europe Intel Security. “For this to keep track must continue the cybersecurity community to improve assume the exchange of information about threats, more security professionals, accelerate innovation of security technology and continue with the involvement of governments in cyber security so that their citizens better protect. “
 
Proofs of concept
 The August report also provides details on three ‘proof-of-concept (POCs) for malware that uses an attack by a graphics processor (GPU). Although almost all of the current malware is designed to run from the main memory to a central processor (CPU), these POCs utilize specialized components that are designed to accelerate the image display on a screen. The scenarios show that hackers will try to use the GPU because of the enormous processing power and to bypass traditional defenses against malware by running code and data to store in a place where not looking for the traditional defense.
 
Moving code
 After examining the POCs, Intel Security will see that moving code from the main memory and the CPU reduces the risk of detection by a host-based defense. But the researchers believe that there remain at least small signs of malicious activity in the memory or CPU. This makes detection by endpoint security products available, then action can be taken.
 McAfee Labs also provides details of techniques used by cybercriminals to lock away a wide variety of personal information from corporate networks: names, birth dates, addresses, phone numbers, social security numbers, credit card numbers and the like, health information, account information and even sexual orientation. In addition to the tactics and techniques of attackers, are also the types of attackers, their motives and analyze their most likely targets. The policy that companies should implement to detect the diversion better, is discussed.
 
Development
 The report has seen a number of other developments in the second quarter of 2015:
 
 

  • Ransomware – Ransomware continues to grow very rapidly – the number of new ransomware variants has grown by 58 percent in the second quarter. In the period from the second quarter of 2014 to the second quarter of 2015 the total number of ransomware variants with 127 percent went away. Intel Security attributes this rapid growth to new ransomware families, such as CTM Locker, CryptoWall and others.

    •  
  • Mobile collapses – The total number of mobile malware samples grew in the second quarter by seventeen percent. But the number of mobile malware infections by about one per cent lower in all regions except North America, where the decline was four percent and Africa, where the number remained unchanged.

    •  
  • Spam botnets – The decrease in botnet-generated spam volume has put through in the second quarter, as the Kelihos botnet was inactive. Slenfbot again remained at the top, followed by Gamut on the second and Cutwail in third place.

    •  
  • Suspicious URLs – In the second quarter, retrieve hourly 6.7 million attempts McAfee’s customers to click on suspicious URLs via e-mails, search results in browsers, etc.

    •  

  • Infected files – In the second quarter, every hour more than 19.2 million infected files found on the networks of customers

    • .
     

  • More Unwanted Programs – In the second quarter tried every hour seven million potentially unwanted programs to install itself or to launch McAfee protected networks

    • .
     

 
 Here you can find more information: McAfee Labs Threats Report: August 2015
 
 Guidance on how organizations can better protect against the threats outlined in this report can be found here. LikeTweet

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)