Share

Related Links

Top 5 Stories

News

The Top Five IT Security Cyber Threats Are...

26 June 2013

As cybercrime expands and evolves, a new study categorizes and describes the top five threats: data breaches, malware, DDoS, mobile threats and the industrialization of fraud – and they're all interrelated.

  1. Data Breach
  2. Malware
  3. DDoS
  4. Mobile Threats
  5. Industrialisation of Fraud 

Security firm 41st Parameter describes each threat in turn. The data breach threat is illustrated by the LivingSocial breach earlier this year. 50 million records were compromised in April. Although no financial records were stolen, they probably weren’t the direct target: “consumers don’t realize that the real concern behind the theft of personal data (such as email addresses, birthdates and encrypted passwords) is potential exposure to various forms of identity theft.”

The real problem with large data heists comes in the following months when the attackers use the data they have stolen to engineer compelling phishing attacks “to dupe unsuspecting victims into revealing sensitive data that can be used to open new accounts or take over existing ones.” In this instance there were two difficulties – firstly consumers still tend to reuse passwords over multiple accounts, and secondly LivingSocial’s business model sends out ‘daily deals’ emails to its subscribers. A forged email could look like a genuine LivingSocial mail but actually contain a disguised link to a malicious site.

That malicious site would contain the second of the major threats: malware. Malware delivery from a malicious URL, otherwise known as drive-by downloading, is one of the three top delivery mechanisms of 2012. The others are app repackaging for mobile devices, and smishing. The first takes a genuine app, alters it for bad intent, and then redistributes it via a different channel. Smishing is the use of “unsolicited text messages that prompt users to provide credentials.”

There is no single solution to malware, but the threat can be mitigated by the use of up-to-date anti-malware software, and improved visibility into the devices – especially mobile devices – that connect to the corporate network.

The third threat is DDoS. DDoS attacks are disruptive, driving costs up and reputations down; and there are more than 7000 DDoS attacks every day. But there is a growing issue “more prevalent now than it’s ever been,” when the target site is a bank. Possibly using account credentials stolen by the malware distributed after a data breach, it’s now “common for fraudsters to access a group of accounts, perform reconnaissance and money movement activities and then immediately launch a DDoS attack in order to create a diversion.”

The fourth threat is that posed by and to the mobile market – 700 million smartphones were sold in 2012 alone. “Since fraudsters typically attack the weakest point of ingress,” warns 41st Parameter, “and without the proper device recognition and detection systems in place, the mobile channel may soon emerge as their channel of choice.” Overall, 2012 saw a 163% increase in mobile threats, with 95% of mobile threats attacking the Android platform. In all, 32.8 million mobile devices were infected with malware.

Finally, the report discusses the industrialization of fraud. Since online transactions are by their nature ‘machine-to-machine’ they lend themselves to automation. But just as the banks automate their own processes, so too are criminals automating fraud. “Recently, 41st Parameter has seen the standardization of fraud software building blocks and data formats, which make it easier to collaborate and exchange information between fraud rings.” And there are more than 10,000 of these fraud rings in the US alone.

One of the problems that comes from this automation is that criminals can just as easily perpetrate hundreds or thousands of small frauds to gain the same financial return as a few large ones – but staying small they are more likely to slip under the banks’ fraud detection systems.

All of these threats could stem from that initial data breach: stolen personal data leading to phishing and the installation of malware that steals account data (although the mobile arena is increasingly used to do the same), in turn leading to financial fraud which is increasingly industrialized and disguised by DDoS attacks. In fact, “The increase in large-scale data breaches and high-volume, coordinated fraud attacks are byproducts of the industrialization of fraud driven by the movement of services online,” says Eli Katz, vice president of financial industry solutions at 41st Parameter. “Financial institutions and consumers must each take steps to adjust to this evolving threat landscape.”

This article is featured in:
Data Loss  •  Internet and Network Security  •  Malware and Hardware Security  •  Wireless and Mobile Security

 

Comments

Maureen says:

09 July 2013
M2M communication offers enormous potential to expand the capabilities of devices, including remote wireless management and updates. However, there are profound security implications as the software running therein must be completely fault-tolerant and hardened from attack. Find out more about this topic by attending the Mitigating M2M Security Risks in Critical Embedded Systems – register here: http://ubm.io/19QwnoP

Note: The majority of comments posted are created by members of the public. The views expressed are theirs and unless specifically stated are not those Elsevier Ltd. We are not responsible for any content posted by members of the public or content of any third party sites that are accessible through this site. Any links to third party websites from this website do not amount to any endorsement of that site by the Elsevier Ltd and any use of that site by you is at your own risk. For further information, please refer to our Terms & Conditions.

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×