Trend Micro Report finds that Corporate Data is the Pot of Gold at the end of the rainbow for cybercriminals
Cybercriminals adopt new targeted attack techniques and assaults that threaten target networks.
Singapore, April. 16 2015 – In Trend Micro’s latest Targeted Attack Trends 2014 Annual Report, Trend Micro Incorporated (TYO: 4704; TSE: 4704) found that in 2014, and increasingly moving forward into 2015, corporate data is now a huge gold mine that cyber criminals are looking to harvest. Occurring via a mix of seemingly state and non-state sponsored cyber-attacks, targeted attacks – otherwise known as advanced persistent threats (APTs), have intensified over the past year alongside newly identified techniques. Trend Micro’s research analysed various forms of APTs, along with the agenda behind these rising assaults and other monitored attack-related command and control (C&C) infrastructure which poses great threats to the computing public.
“Cybercriminals are adopting techniques more commonly associated with targeted attacks because these prove to be effective in increasing their financial gain,” said Dhanya Thakkar, Managing Director, Trend Micro APAC. “To fight back, organizations need to remain vigilant and adopt effective solutions to adapt to the changing cyber landscape. They need to reinforce a custom defence strategy, which uses advanced threat detection technologies and shared intelligence to detect, analyse, and respond to attacks that are invisible to standard security products.”
According to the report, targeted attacks remained arduous due to threat actors proactively covering their traces in targeted networks. With the aim to gather intelligence and exfiltrate confidential data,
targeted attack tactics continued to push the envelope with newly identified techniques. Trend Micro
also saw cybercriminals adopting techniques more commonly associated with targeted attacks because these proved effective in increasing their financial gain.
Targeted attacks also remained to be a global problem, with the United States, Russia and China no longer being the only favoured targets for C&C server attacks. Based on the cases monitored in 2014, Australia, Brazil, China, Egypt, and Germany were among the list of countries that hosted targeted attack C&C servers. With government agencies remaining the top attack targets, Trend Micro also saw a spike in attacks targeting hardware/software companies, consumer electronics manufacturers, and health care.
Given the increased volume of targeted attacks, ease of mounting them, and difficulty to protect
against them, network defenders must be able to exactly understand what a shift in mindset from prevention to detection entails. This means that organizations need to adapt to keep up with the
dangers that targeted attacks pose.
The report also includes expert insight from Trend Micro’s threat researchers and evangelists. The following are a few other highlights:
Highly secured applications, programs, OSs, and setups did not prevent threat actors from launching effective attacks in 2014.
It was observed that open source/free weaponized tools have been utilized by cybercriminals to further enhance their APT methodologies.
Attackers continue to relentlessly exploit newly discovered zero-day vulnerabilities, alongside tried-and-tested ones, a prime example being CVE-2012-0518 which is exploited in Windows Common Controls.
For the complete report, please visit: http://apac.trendmicro.com/cloud-content/apac/pdfs/security-intelligence/reports/rpt-targeted-attack-trends-2014-annual-report.pdf