Hackers widen corporate scope in 2014: Kaspersky

10.12.2014
Cyberattacks on the corporate sector have doubled in the past year, with targeted attacks and malicious campaigns leading the way.

According to Kaspersky Lab, the company's Global Research and Analysis Team has reported on seven advanced persistent cyber-attack campaigns (APTs) in the past year. Between them, these accounted for more than 4,400 corporate sector targets in at least 55 countries worldwide; more than double the 1,800 targeted corporate attacks discovered in 2013.

Learn how smart CIOs are protecting customers from security breaches

Targeted attacks and malicious campaigns stood out amongst a range of security incidents, particularly in terms of their scale and impact across both government and business.

In 2014, organisations in at least 20 critical sectors were hit by advanced threat actors.

Major public organisations were targeted, including government and diplomatic offices, with further attacks on sensitive financial and industrial segments across the private sector, including attacks on media organisations.

It is likely that in several cases, these attacks were performed by state-sponsored threat actors, as analysis of the Mask/Careto and Regin campaigns reveal.

Others are likely to have been the result of professional cyber-crews organising 'attacks-as-a-service', reflected in the exposure of the HackingTeam 2.0, Darkhotel, CosmicDuke, Epic Turla, and Crouching Yeti APTs.

The 'Regin' threat actor is the first ever cyber-attack platform known to penetrate and monitor GSM networks in addition to other 'standard' spying tasks.

In the hunt for sensitive information retained on connected equipment, 'Darkhotel' targeted C-suite victims, including senior management and R&D staff staying at dozens of luxury hotels worldwide. These two threat actors have been in operation for a decade, making them among the oldest APTs.

Kaspersky Lab chief security expert, Alex Gostev, said that targeted operations could mean disaster for the victim, resulting in leaks to sensitive information such as intellectual property, compromised corporate networks, interrupted business processes, and the wiping of data.

"There are tens of scenarios that all end up with the same impact: the loss of influence, reputation and money."

2014 also saw a number of fraud campaigns that resulted in losses totalling millions of dollars.

In June, Kaspersky Lab experts released their research into an attack on clients of a large European bank.

The company's Global Research and Analysis Team also published in October the results of a forensic investigation into a new direct attack on ATMs in Asia, Europe and Latin America. Millions of dollars were stolen from ATMs worldwide without the attackers requiring access to credit cards.

In Kaspersky Lab's forecast for 2015, experts expect to see further evolution of these ATM attacks, where APT techniques are used to gain access to the 'brain' of cash machines.

The next stage will see attackers compromising the networks of banks and using that level of access to manipulate ATM machines in real-time.

(www.arnnet.com.au)

Brian Karlovsky