Trend Micro Predicts the Rise of Targeted Attacks Across the APAC Region in 2015
Annual prediction report from cybersecurity leader reveals that retail and financial institutions outside of the US will feel the wrath of cybercriminals in 2015
Singapore, November 20, 2014 – Trend Micro Incorporated (TYO: 4704; TSE: 4704), has released its annual security predictions report, “Trend Micro Security Predictions for 2015 and Beyond: The Invisible Becomes Visible.” In 2015, the company’s threat defense experts are anticipating the rise of targeted attack campaigns across the APAC region. This comes on the heels of 2014’s glut of successful large-scale data breaches targeting victims around the world.
According to the report, targeted attacks campaigns will continue to multiply in 2015, becoming the norm rather than the exception. Noteworthy cases in the United States and China show that targeted attacks have become a preferred means of intelligence gathering for cybercriminals. The motivations behind these campaigns include obtaining financial information, personal data, and top secret classified government data.
Trend Micro threat defense experts predict that targeted attacks will continue to sprout outside of commonly targeted areas like the U.S. We have already noted attacks against organizations in Vietnam and India, and recently in Malaysia and Indonesia. We can expect future attacks in other APAC countries. In particular, social media will increasingly be abused as infection vectors. Threat actors will also explore the viability of exploiting router vulnerabilities as a means of getting in to target networks.
“What we are seeing today is not a huge surprise. Cybercriminals have increased their velocity and the brutal measures they use to steal information,” said Dhanya Thakkar, Managing Director, Asia Pacific, Trend Micro. “Following the success of targeted attacks from Chinese and Russian cybercriminals, many attackers from other countries will regard cyber-attacks as a more practical method to grab a foothold in an organization.”
“With the incessant barrage of data breaches emerging almost daily, it’s reasonable to presume that data breaches will be essentially regarded as a common offshoot of the present threat landscape,” Thakkar added.
Users should expect that at least one of their accounts, whether on web services or online portals, will be compromised. The prevalence of social media usage in APAC – with about 970 million active social media users – will make users in the region viable targets. Given the predicted increase of attacks next year, cybercriminals will more opportunities to steal user credentials. As a result, users must become more diligent when it comes to password use and online security.
Trend Micro experts also expect to see more cybercriminals turning to the Deep Web for the anonymous sharing of cybercriminal tools, services, and information. Evasive tactics like IP fencing keep cybercriminal identities safe, allowing cybercrime to thrive. Law enforcement agencies will largely feel the Deep Web’s impact since it will make it more difficult to hunt down cybercriminals. However, improved collaboration and intelligence sharing between the various security agencies will boost their efforts to combat cybercrime.
The increased adoption of mobile devices will also increase the risk for mobile users. Android—the top mobile platform in APAC, making up an average of 71% of total impressions—has a fragmentation problem. This means the software version running on a user’s device is dictated by hardware support. Cybercriminals can take advantage of this fragmentation problem by developing exploits for existing device vulnerabilities that have not yet been patched. This can be done using exploit kits similar to the infamous Blackhole Exploit Kit.
Other highlights from the 2015 predictions report include:
- Online banking threats will continue to become more severe as more unique cybercrime attacks against financial institutions emerge.
- New payment methods will introduce new threats to the mobile landscape.
- The Internet of Everything will be good for targeted attacks, but not for mass attacks. The technologies are still too diverse. The data they process, however, are not safe.
- We will see more attempts to exploit vulnerabilities in open source apps.
For the full report, please refer to: http://about-threats.trendmicro.com/apac/security-predictions/2015