Category Archives: Cyberthreat

Layered Defence To Combat a ‘Brotherhood’ of Cyber-Criminals

by Bharat Mistry

Over the past 28 years, Trend Micro has led the industry in trying to better understand those who seek to do us and our customers harm. After all, how can we begin to build effective threat prevention if we don’t know what we’re trying to protect against? The latest of our in-depth reports into regional cybercrime underground markets focuses on the Middle East North Africa (MENA) region, and reveals some surprising findings. This is a cybercrime underground united in its goals with members keen to share and help each other; making it particularly dangerous for targets in the West.

That’s bad news for all of us as local MENA players move beyond DDoS and web defacement activity to more nefarious attacks. Against this backdrop, layered security becomes an essential mitigation strategy. Continue reading

As the NCSC Celebrates its First Year, Why We Need to Focus on Layered Security

by Bharat Mistry

There’s not been much to celebrate in cybersecurity recently. The shadow of the Equifax breach still hangs over the industry as a cautionary tale of what can happen if security processes and execution aren’t 100% watertight. In fact, Europol last week reported stats claiming over two billion records on European citizens have been leaked over the past 12 months. While there’s clearly lots to do, it was heartening to see the UK’s National Cyber Security Centre (NCSC) this week reporting a successful first year in operation.

The GCHQ offshoot claimed to have dealt with 590 “significant” cyber threats reported over the 12-month period. While we’re 100% behind its work, it’s obvious the scale of the problem and the determination of online attackers continues to rise. That means organisations must also take matters into their own hands with best practice, layered cybersecurity. Continue reading

An Elaborate ATM Threat Crops Up: Network-based ATM Malware Attacks

by David Sancho and Numaan Huq (Trend Micro Forward-Looking Threat Research Team), Massimiliano Michenzi (Europol EC3)

Infecting automated teller machines (ATMs) with malware is nothing new. It’s concerning, yes. But new? Not really. We’ve been seeing physical attacks against ATMs since 2009. By physical, we mean opening the target machine’s casing, accessing the motherboard and connecting USB drives or CD-ROMs in order to infect the operating system. Once infected, the ATM is at the attackers’ mercy, which normally means that they are able to empty the money cassettes and walk away with fully loaded wallets. In 2016, we released a joint paper with Europol’s European Cybercrime Centre (EC3) that discussed the shift from physical to digital means of emptying an ATM and described the different ATM malware families that had been seen in the wild by then. Continue reading

Digital Voice Assistants: The New Front in the War on IoT Hackers

by Simon Edwards

As the Internet of Things (IoT) permeates further into our everyday lives, the potential for hackers to line their pockets and even disrupt key critical infrastructure moves increasingly from theory to practice. We’ve already seen Ukrainian power stations crippled by malware, connected car vulnerabilities reach crisis point and even smart baby monitors hacked.

Voice assistants are the latest piece of the IoT ecosystem to come under scrutiny. A new Trend Micro infographic highlights the key privacy issues, vulnerabilities and attack scenarios which could affect smart home users. For those IT and business leaders looking for more guidance, check out our CLOUDSEC conference next week. Continue reading