{Cybercriminals will train their gaze on Apple more often next year. Attacks on OS X have begun to rise, and an acceleration of those attacks is likely, SentinelOne noted, because Apple continues to grow its share of the enterprise market, where it has become a darling of executives who are ripe targets for hackers. Apple’s security problems are compounded by its reputation as a “safe” platform.}
Cyberspies will flourish and hackers will target Apple devices more often in 2015.
Until now, Russia, China and the United States have dominated the cyberespionage scene, but their success will start to attract new players to the practice.
“We can expect some of the developing economies — countries forecasted for high economic growth — to engage in these activities to protect their growth status,” Carl Leonard, a senior manager at Websense Security Labs, told TechNewsWorld. “Those players have yet to be revealed.”
“Cells” that will remain independent of the nation-states they’re operating in will supplement those efforts, launching operations that advance the objectives of their native countries, according to Websense. That kind of activity already has been seen in Russia and China.
Russian cyberattacks on the West, as a form of retaliation for political actions taken against the Kremlin, will continue, forecast SentinelOne.
A lack of accountability within the Beijing regime will allow China’s cyberespionage efforts to continue unabated, the firm also said.
Further, there will be an acceleration of cyberespionage activity by Pakistan, SentinelOne predicted, mostly directed at India. It will be outsourced, with contractors hired to write malware and orchestrate attacks.
{{
Apple in Crosshairs }}
Pakistan may be in the forefront of a trend SentinelOne predicted for 2015: Attacks as a Service.
Instead of shopping here and there to gather the tools for an attack, SentinelOne explained, an attacker will be able to go to a website, choose malware, choose what to steal — banking credentials, healthcare records, credit card numbers and such — request a number of infections, and pay for the package.
While most cyberespionage has been directed at computer systems, cyberspies increasingly will target mobile devices, predicted Michael Shaulov, CEO of Lacoon Mobile Security.
“We’re going to see more attacks that are leveraging WiFi hotspots, fake base stations or even more aggressive exploitation of mobile browsers or messaging applications,” he told TechNewsWorld.
Cybercriminals will train their gaze on Apple more often next year.
Attacks on Apple’s OS X desktop operating system have begun to rise, SentinelOne noted.
An acceleration of those attacks is likely, the firm said, because Apple continues to grow its share of the enterprise market, where it has become a darling of executives who are ripe targets for hackers.
Apple’s security problems are compounded by its reputation as a “safe” platform, according to SentinelOne. That has resulted in the production of few products that can handle advanced threats against Apple devices.
The same is true for Apple’s mobile platform, iOS.
“iOS was reasonably very safe up until recently, but over the last two to three months, cybercriminals have leveraged the apps in the platform to attack the devices,” Lacoon’s Shaulov said.
“That makes sense, because iOS is getting more traction in the market,” he added, “and the data being placed on the iOS devices is more valuable.”
Internet of Things
The Internet of Things also will become an attack surface in 2015.
Printers, smart TVs, appliances, wearable computers — a whole host of cloud connected devices will be a new source of cyberthreats in the coming year, predicted Willy Leichter, global director of cloud security for CipherCloud.
“It’s like any new technology. The standards haven’t solidified. No one has looked at the underlying security,” he told TechNewsWorld.
“There are also a lot of open source tools used by these devices that may have vulnerabilities,” Leichter added.
Although they will leverage the IoT in 2015, hackers will be less interested in victimizing consumers than in using smart devices to target businesses, noted Websense’s Leonard.
“Because these devices are Web-enabled,” he said, “they give hackers an additional entry point into a business. That’s what’s going to intrigue the malware authors and what they’ll be attacking in 2015.”
Breach Diary
Nov. 23. Symantec releases report on Regin, a nation-state quality spyware program that it says has been snooping on governments, infrastructure providers, researchers and individuals since at least 2008.
Nov. 24. Sony Pictures Entertainment shuts down its computers after its sites are vandalized by group calling itself the “Guardians of Peace.” Systems could be offline from one day to three weeks, Sony said.
Nov. 25. ARC Group, of New York City, donates US$500,000 in software and services to University of Albany to establish a center to investigate and resolve cybersecurity breaches.
Nov. 26. IntelCrawler identifies Point of Sale malware that it’s calling “d4re|devil,” or Daredevil, which is attacking ticket machines and electronic kiosks, incuding ticket machines used in mass transit systems. Malware contains both RAM scraping and keylogging capabilities.
Nov. 27. Home Depot, in SEC filing, reports it’s facing at least 44 lawsuits stemming from data breach this year that placed at risk 56 million payment cards of its customers.
Nov. 27. Gigya, a targeted marketing provider, reports traffic to its website is being redirected to server informing visitors that company’s website has been hacked by Syrian Electronic Army.
Nov. 28. Poland’s Supreme Audit Office reports country’s government institutions are ill-prepared for cyberattacks and not cooperating well-enough to deal with online threats.
Tech News World
Leave a Reply