Tag Archives: cyber security

Trend Micro Predictions are on the Money with New Attack Group

by Bharat Mistry

Cyber-attacks are happening all the time. In fact, the one certainty CISOs should have today is that their organisation has either already been compromised, or it will be breached at some point in the future. But many of the most dangerous attacks are the ones designed to slip under the radar unnoticed — in many ways the opposite of your typical ransomware outage. This week, one of these sophisticated attack campaigns was revealed: a gang targeting US and Russian banks as well as a UK financial software provider. It’s already netted $10m (£7.5m) for the hackers, who are still at large.

The Biggest Cyber Attacks of 2018 Will Come from Known Vulnerabilities

by Bharat Mistry

It’s that time of year again. As we bid farewell to 2017 and look forward to the next 12 months, it’s only right that we share our predictions for 2018 to help IT security bosses prepare for the inevitable cyber-assault on their systems. Our report, Paradigm Shifts: Security Predictions for 2018, features a range of trends to watch out for during the coming year, including: a continued growth in cyber-propaganda; BEC losses to exceed $9m; new IoT threats; and an uptick in digital extortion campaigns.

But to pull back a little and look at the bigger picture, one trend in particular will dominate: known vulnerabilities are set to cause havoc in 2018 as the primary cause of most of the year’s biggest attacks. The good news is that mitigating this risk should not require a major additional investment of time and resources — but it needs to start now.

The problem with vulnerabilities
Anyone with an eye on the past 12 months will understand why known software flaws could be so disruptive in 2018. After all, they caused the biggest security events of the past year. Exhibit A is undoubtedly WannaCry: the infamous ransomware-worm attack which spread around the world in just hours, infecting hundreds of thousands of computers. In this case, those behind it used alleged NSA exploit information leaked by the Shadow Brokers group, which, it is claimed, is backed by the Russian state.

It’s proof, if any were needed, that even nation states can’t keep research on offensive cyber-tools a secret. Eventually these tools will find their way onto the cybercrime underground, putting innocent consumers and organisations around the world in danger. In the case of WannaCry, it was the NSA’s EternalBlue Windows SMB exploit that was used to make the threat so prolific. The underlying flaw had been patched months earlier by Microsoft, but the threat still managed to spread to a huge range of unprotected endpoints, highlighting organisations’ continued negligence when it comes to security best practices.

There are many potential repercussions. We can expect nation state groups like Pawn Storm to continue their exploitation of known vulnerabilities — as well as more sophisticated zero days — to infiltrate targets. Data theft is usually the outcome in these instances, while among financially motivated cybercrime gangs we can expect software flaws to be exploited in ransomware attacks as well as info-stealing raids.

Who knows what vulnerabilities may be exposed and used over the coming 12 months? All we know is that once flaws become public knowledge, the clock starts ticking: from then it’s just a matter of “when”, not “if”, they will be used against users. The signs aren’t looking good: Trend Micro’s Zero Day Initiative uncovered 382 new vulnerabilities in the first half of 2017 alone, according to our Midyear Security Roundup.

Taking action
The bottom line is that if you have known and unpatched vulnerabilities in your IT environment, they will be targeted — it’s just a matter of time. Yet many IT leaders managing legacy systems either can’t patch — because no patches are available — or are reluctant to apply fixes in case they break mission-critical installations. But there are solutions:

  • Consider reducing the attack surface by minimising the number of unpatched flaws in your environment. Virtual patching is a great way of keeping even legacy and “end-of-life” systems secure.
  • Revisit patch management policies and invest in automated tools to ease the burden.
  • Be prepared for a worst-case scenario. Ensure you have a comprehensive and thoroughly tested incident response plan in place. This should ideally include key stakeholders from all over the organisation (HR, Legal, IT, etc.). The quicker you get on top of an incident, the better your chances of minimising the financial and reputational fall-out.

Read our full list of predictions for 2018 in the report. Have any predictions of your own for 2018? Share them with us on Twitter @TrendMicroUK.

CLOUDSEC 2017: Game of Thrones Hack Tells Us IP Theft is Still a Major Risk

by Ross Dyer

It’s difficult to even discuss data breaches today without referencing the European General Data Protection Regulation (GDPR). With less than a year to go, it is a major area of focus for UK IT leaders keen to avoid mandatory breach notifications and potentially astronomical fines. Yet breaches aren’t all about the customer data governed by the GDPR, as HBO found out this week. Hackers have reportedly made off with 1.5TB of data from the US TV network, uploading a script from an upcoming Game of Thrones episode and two full episodes.

It’s a good example of why IP theft-related risk should be just as big a driver of improving cybersecurity as attacks targeting customer data. Fortunately, attendees at this year’s much-anticipated CLOUDSEC event will have some great learning opportunities designed to help them bolster defences against just such attacks.

Leading Law Enforcers Set to Speak at CLOUDSEC 2017 Following Major Darknet Takedowns

by Bharat Mistry

Cybercrime remains largely unique: it is without borders and offers perpetrators a great degree of anonymity, meaning most escape justice. But that’s changing, as some excellent policing work in recent days has shown. The takedown of two of the world’s biggest darknet marketplaces, AlphaBay and Hansa, illustrated what can be achieved when law enforcers work effectively with each other across borders.

Yet despite these successes, cross-border collaboration and public-private sector initiatives are still relatively new. That’s why we’ve invited representatives from the FBI, GCHQ, and Interpol to share their experiences at Trend Micro’s upcoming CLOUDSEC 2017 conference in September.