Canadian Underwriter
Evolving technology expected to introduce new cyber threats, broadened attacks: Trend Micro


December 7, 2016   by Canadian Underwriter


The coming year is expected to witness evolving technology that introduces new cyber threats and attacks that broaden and differentiate to penetrate new vulnerable surfaces, suggests a report issued Wednesday by Trend Micro Incorporated.

The expectation is 2017 “will include an increased breadth and depth of attacks, with malicious threat actors differentiating their tactics to capitalize on the changing technology landscape,” Trend Micro, a cyber security solution provider, notes in releasing The Next Tier – 8 Security Predictions for 2017.

“People waking up to the threat landscape of 2017 will say it is both familiar and unchartered terrain,” the report points out.

“After all, while our predictions for 2016 have become reality, they only opened doors for more seasoned attackers to explore an even broader attack surface,” it adds.

Noting that cyber criminals continue to evolve with the changing technology landscape, “while new ransomware saw an exponential increase in 2016, that growth is no longer sustainable, so attackers will find new ways to use existing malware families,” cautions Ed Cabrera, chief cyber security officer for Trend Micro.

The company predicts a 25% growth in the number of new ransomware families in 2017, translating to an average of 15 new families discovered each month. “Although the tipping point has passed in 2016, a period of stabilization will push competing cyber criminals to diversify, hitting more potential victims, platforms and bigger targets,” the report predicts.

“Mobile ransomware will likely follow the same trajectory as desktop ransomware given how the mobile user base is now a viable, untapped target,” it suggests.

Ransomware families, including 2017 prediction

Similarly, changes in the Internet of Things (IoT) “open new doors to go after additional attack surfaces, and software changes push criminals toward finding different types of flaws,” Cabrera points out.

Highlights from the 2017 annual predictions report include the following:

  • the number of new ransomware families is predicted to plateau, only growing 25%, but will branch out into IoT devices and non-desktop computing terminals, like PoS systems or ATMs;
  • vendors will not secure IoT and Industrial Internet of Things (IIoT) devices in time to prevent denial of service and other attacks;
  • new vulnerabilities will continue to be discovered in Apple and Adobe products, which will then be added to exploit kits;
  • new targeted attack methods will focus on evading modern detection techniques to allow threat actors to target different organizations; and
  • business email compromise (BEC) attacks will continue to be useful to extort businesses via unsuspecting employees.

BEC and business process compromise (BPC) “will continue to grow as a cost-effective and relatively simple form of corporate extortion,” Trend Micro reports, adding a BEC attack might yield US$140,000 by luring an innocent employee to transfer money to a criminal’s account.

“Alternatively, hacking directly into a financial transaction system, while requiring more work, will result in far greater financial windfalls for criminals – as much as US$81 million,” the company adds.

The report notes that the total estimated loss from BEC in two years is US$3 billion. In comparison, the average payout for a ransomware attack is US$722 (currently 1 Bitcoin), which could reach up to US$70K if an enterprise network is hit.

“BEC is especially hard to detect because these emails do not contain malicious payloads or binaries, but enterprises should be able to block these threats at the source using Web and email gateway solutions,” the report advises.

However, “defending against BEC scams will remain difficult if victims continue to willingly hand over money to cyber criminals,” Trend Micro emphasizes.

“Companies must implement stringent policies for normal and out-of-the-ordinary transactions, which include layers of verification and thresholds for large sums requiring more validation, before executing transfers,” the report contends.

Business Email Compromise

“Next year will take the cyber security industry into new territory after 2016’s threat landscape opened doors for cyber criminals to explore a wider range of attacks and attack surfaces,” says Raimund Genes, chief technology officer for Trend Micro.

The company also sees impact from the General Data Protection Regulation, a regulation by which the European Parliament, the Council and the European Commission intend to strengthen and unify data protection for individuals within the European Union.

Trend Micro foresees the regulation “causing extensive data management changes for companies around the world, new attack methods threatening corporations, expanding ransomware tactics impacting more devices and cyber-propaganda swaying public opinion,” Genes notes in the company statement.

Mobile devices are used increasingly to monitor control systems in manufacturing and industrial environments. IoT and IIoT attacks, for their part, “will capitalize upon the growing acceptance of connected devices by exploiting vulnerabilities and unsecured systems to disrupt business processes.”

Together with the significant increase in the number of supervisory control and data acquisition (SCADA) system vulnerabilities, “the migration to IIoT will introduce unprecedented dangers and risks to organizations and affected consumers in 2017,” states the report.

However, “these dangers can be proactively addressed by vendors who sell smart devices and equipment by implementing security-focused development cycles,” it adds.

“It is now clearer to enterprises that suffering a ransomware attack has become a realistic possibility and a costly business disruption,” the report notes.

“Ransomware (against industrial environments) and IIoT attacks will cause bigger damage as threat actors can get more money in exchange for getting a production floor back online, for instance, or switching facility temperatures back to safer ranges,” it points out.

“Unknown threats can either be new variants of known, existing threats or completely unknown threats that have yet to be discovered,” the report states. “Security solutions that use machine learning can be used to protect against the former, while sandboxing will be able to manage the latter,” it suggests.

That said, instead of sticking to one security strategy, Trend Micro advises that cross-generational, multi-layered technology “will be extremely important in battling these kinds of campaigns.”