by David Sancho and Numaan Huq (Trend Micro Forward-Looking Threat Research Team), Massimiliano Michenzi (Europol EC3)
Infecting automated teller machines (ATMs) with malware is nothing new. It’s concerning, yes. But new? Not really. We’ve been seeing physical attacks against ATMs since 2009. By physical, we mean opening the target machine’s casing, accessing the motherboard and connecting USB drives or CD-ROMs in order to infect the operating system. Once infected, the ATM is at the attackers’ mercy, which normally means that they are able to empty the money cassettes and walk away with fully loaded wallets. In 2016, we released a joint paper with Europol’s European Cybercrime Centre (EC3) that discussed the shift from physical to digital means of emptying an ATM and described the different ATM malware families that had been seen in the wild by then. Continue reading →
As the Internet of Things (IoT) permeates further into our everyday lives, the potential for hackers to line their pockets and even disrupt key critical infrastructure moves increasingly from theory to practice. We’ve already seen Ukrainian power stations crippled by malware, connected car vulnerabilities reach crisis point and even smart baby monitors hacked.
Voice assistants are the latest piece of the IoT ecosystem to come under scrutiny. A new Trend Micro infographic highlights the key privacy issues, vulnerabilities and attack scenarios which could affect smart home users. For those IT and business leaders looking for more guidance, check out our CLOUDSEC conference next week. Continue reading →
It’s that time of year again: on Tuesday the doors to Olympia will be flung open as London becomes the de facto centre of the global IT security industry for a few days. Yes, it’s Infosecurity Europe – one of the biggest and best attended events of its kind on the calendar. Trend Micro will be there as always, with a mountain of new research to share and experts on hand to explain why a layered, connected approach to cyber defence is the only effective way for organisations to battle modern threats. Continue reading →
With all the hype surrounding WannaCry over the past week, it’s easy to forget that organisations are facing a far broader range of threats than ransomware. Targeted attacks on critical infrastructure, particularly SCADA systems, have been on the radar since Stuxnet, but as the attacks on the Ukrainian power grid have shown, they’re still a major cause for concern.
That’s why Trend Micro compiled its latest report, Hacker Machine Interface, focusing specifically on the Human Machine Interface (HMI) displays present in most SCADA set-ups. Unfortunately, we found that a lot more needs to be done to architect more secure systems and to ensure patches are produced and applied swiftly. Continue reading →