From Heartbled 2014 to Shellshocked, espionage-weak 2015

INDIA: As per findings by Intel Security's  McAfee Labs November 2014 Threats Report, that includes an analysis of threat activity in the third quarter of 2014, and the organization’s annual 2015 Threats Predictions for the coming year, the year 2014 will be remembered as ‘the Year of Shaken Trust. The report details a third quarter filled with threat development milestones and cyber events exploiting long-established Internet trust standards. McAfee Labs forecasts a 2015 threat landscape shaped by more attacks exploiting these standards, new attack surfaces in mobile and Internet of Things (IoT), and increasingly sophisticated cyber espionage capabilities, including techniques capable of evading sandboxing detection technologies.

Vincent Weafer, Senior Vice President, McAfee Labs, part of Intel Security added. “This unprecedented series of events shook industry confidence in long-standing Internet trust models, consumer confidence in organizations’ abilities to protect their data, and organizations’ confidence in their ability to detect and deflect targeted attacks in a timely manner. Restoring trust in 2015 will require stronger industry collaboration, new standards for a new threat landscape, and new security postures that shrink time-to-detection through the superior use of threat data. Ultimately, we need to get to a security model that’s built-in by design, seamlessly integrated into every device at every layer of the compute stack.”

In 2015, McAfee Labs predicts malicious parties will seek to extend their ability to avoid detection over long periods, with non-state actors increasingly adopting cyber espionage capabilities for monitoring and collecting valuable data over extended targeted attack campaigns.

It sees some clear trends in 2015 like increased use of cyber warfare and espionage tactics. Cyber espionage attacks will continue to increase in frequency as long-term players will become stealthier information gatherers, while newcomers to cyber-attack capabilities will look for ways to steal sensitive information and disrupt their adversaries. Established nation-state actors will work to enhance their ability to remain hidden on victim systems and networks.

As it augurs, Cybercriminals will continue to act more like nation-state cyber espionage actors, focusing on monitoring systems and gathering high-value intelligence on individuals, intellectual property, and operational intelligence.

McAfee Labs predicts that more small nation states and terror groups will use cyber warfare. Also, unless security controls are built-in to their architectures from the beginning, the rush to deploy IoT devices at scale will outpace the priorities of security and privacy. This rush and the increasing value of data gathered, processed, and shared by these devices will draw the first notable IoT paradigm attacks in 2015. The increasing proliferation of IoT devices in environments such as health care could provide malicious parties access to personal data even more valuable than credit card data.

For instance, according to the McAfee Labs report entitled Cybercrime Exposed: Cybercrime-as-a-Service, the cybercrime community currently values stolen health credentials at around $10 each, which is about 10 to 20 times the value of a stolen U.S. credit card number.

It sees Ransomware evolving into the cloud too and explains that Ransomware will evolve its methods of propagation, encryption, and the targets it seeks. More mobile devices are likely to suffer attacks. The Labs predict ransomware variants that manage to evade security software installed on a system will specifically target endpoints that subscribe to cloud-based storage solutions. Once the endpoint has been infected, the ransomware will attempt to exploit the logged-on user's stored credentials to also infect backed-up cloud storage data.

It also expects a continued rise in mobile ransomware using virtual currency as the ransom payment method.

Mobile attacks will continue to grow rapidly as new mobile technologies expand the attack surface. The growing availability of malware-generation kits and malware source code for mobile devices will lower the barrier to entry for cybercriminals targeting these devices. Untrusted app stores will continue to be a major source of mobile malware. Traffic to these stores will be driven by “malvertising,” which has grown quickly on mobile platforms.

Besides that, POS attacks increase and evolve with digital payments. Point of sale (POS) attacks will remain lucrative, and a significant upturn in consumer adoption of digital payment systems on mobile devices will provide new attack surfaces that cybercriminals will exploit. Despite current efforts by retailers to deploy more chip-and-pin cards and card readers, McAfee Labs sees continued growth in POS system breaches in 2015 based on the sheer numbers of POS devices that will need to be upgraded in North America.

Interestingly, Near field communications (NFC) digital payment technology will become an entirely new attack surface to exploit, unless user education can successfully guide users in taking control of NFC features on their mobile devices.

And Shellshock sparks Unix, Linux attacks. Non-Windows malware attacks will increase as a result of the Shellshock vulnerability. McAfee Labs predicts that the aftershocks of Shellshock with be felt for many years given the number of potentially vulnerable Unix or Linux devices, from routers to TVs, industrial controllers, flight systems, and critical infrastructure. In 2015, this will drive a significant increase in non-Windows malware as attackers look to exploit the vulnerability.

New evasion tactics for sandboxing might surface and escaping the sandbox will become a significant IT security battlefield. Vulnerabilities have been identified in the sandboxing technologies implemented with critical and popular applications. McAfee Labs predicts a growth in the number of techniques to exploit those vulnerabilities and escape application sandboxes. McAfee Labs predicts that 2015 will bring malware that can successfully exploit hypervisor vulnerabilities to break out of some security vendors’ standalone sandbox systems.

In the third quarter, McAfee Labs detected more than 307 new threats every minute, or more than five every second, with mobile malware samples growing by 16 per cent during the quarter, and overall malware surging by 76 per cent year over year. The researchers also identified new attempts to take advantage of Internet trust models, including secure socket layer (SSL) vulnerabilities such as Heartbleed and BERserk, and the continued abuse of digital signatures to disguise malware as legitimate code.