(ISC)2 Congress 2013: East European Cybercriminals More of a Threat than East Asian

Chicago: Home to ASIS 2013

At the (ISC)2 Congress, held in parallel with ASIS 2013 in Chicago, Illinois, Kellermann told his audience that the threat from Eastern Europe is so great because it is “commander like”. They maintain a presence in your system, he said. “They are more innovative, their infrastructure is internal to the operation, and they control their own servers, develop their own DNS servers, and create sophisticated traffic systems for attacks.”

In Latin America, malware that compromises routers is the trend, said Kellermann. “Latin America is seeing growth in web attacks and the financial sector is the primary target.” The development of regional malware is a trend and the region is witnessing a new era of sophistication, according to the Trend Micro expert.

Regardless of where threats originate, Kellermann is confident that the industry is “losing”. Banking crime kits are falling in price, he told the audience, “which is a sure indication that we are not winning.”

“[Adversaries] know more about our infrastructure than we do. They have situational awareness on us.” Today’s malware, said Kellermann, evades detection and is disruptive.

“Virus scanners are pretty much dead in the environment I’m describing today”, he admitted. “They are redundant against unknown [advanced] threats.”

This year has seen a 45% increase in the sale of zero-day threats in the wild. “The US created this problem. That’s where bounties began for zero-day attack coding. Today’s shadow economy also pays for delivery of the zero-day attacks.”

The answer, according to Kellermann, is to allow the offense to inform the defense. Our industry, he argued, often fails to help itself. “Only 19% of those breached due to third-party vulnerabilities updated their SLA agreement as a result”, he said.

2013 cyber-attack trends, according to Kellermann:
  1. Island hopping
  2. Mobile malware
  3. Cross-platform attacks
  4. Man-in-the-browser attacks
  5. Watering hole attacks
  6. Ransomware
  7. Cloud attacks
