The Black Hats Keep Striking

The Black Hats Keep Striking

Cyber-Attacks Afflict Majority of Organizations

60% of respondents were affected by a successful cyber-attack in 2013, but less than 40% expect to be the victim of one again in 2014.

Huge Increase in PoS Malware

Organizations saw seven times more point of sale malware in Q1 2014 compared with all of 2013.

Inadequate Defenses Against Cyber-Threats

25% of security professionals doubt whether their organization has invested adequately in cyber-threat defenses. Likewise, 25% of organizations lack the tools necessary to properly investigate the root cause of an attack.

Online Banking Suffers From New Malware

The study uncovered a ZeuS/ZBOT variant and spam attachment, a BANDLOAD variant that affected only Latin Americans, and a fake WhatsApp client to spread BANDLOAD when it is downloaded.

New Target: Virtual Currencies

Cybercriminals have moved toward a new lucrative monetary source: virtual currencies. For example, a Tokyo-based Bitcoin exchange declared bankruptcy after it lost 550,000 Bitcoins, worth U.S. $473 million, due to a cyber-attack.

Wave of DDoS Attacks

DDoS attacks targeted versions of the NTP protocol in Q1 2014, compromising networks and using them to flood targets with packet replies and error warnings.

Mobile Threat Landscape Maturing

Malicious app and Web threats have evolved into attacks on the Android platform that paralyze entire devices. Also, plagued by the “goto fail” bug, iOS’s Secure Sockets Layer succumbed and users became vulnerable to eavesdropping and Web hijacking.

New Adware Stymies Cleanups

47% of attack victims were compromised by new adware, with premium message service users trailing close behind at 35%, perhaps due to the emergence of new adware families and network carrier efforts to thwart mobile fraud by dropping premium message service charges.

Vulnerability Checks Are Infrequent

Less than half of organizations conduct full-network vulnerability scans more than once every quarter.

Safeguarding Mobile Devices

To protect the data transmitted via smartphones and tablets, 60% of respondents use VPN and 56% use Network Access Control.

PoS Malware Family Growth

In Q1 2014, the nefarious point-of-sale malware included ALINA, which checks for credit card information that can be stolen; FYSNA, which uses the Tor network to retain anonymity while committing bad deeds; and HESETOX, which uploads stolen data to command-and-control servers.