Cybersecurity Threats 2015: More Espionage, More Apple Malware

Cyberspies will flourish and hackers will target Apple devices more often in 2015.

Until now, Russia, China and the United States have dominated the cyberespionage scene, but their success will start to attract new players to the practice.

“We can expect some of the developing economies — countries forecasted for high economic growth — to engage in these activities to protect their growth status,” Carl Leonard, a senior manager at Websense Security Labs, told TechNewsWorld. “Those players have yet to be revealed.”

“Cells” that will remain independent of the nation-states they’re operating in will supplement those efforts, launching operations that advance the objectives of their native countries, according to Websense. That kind of activity already has been seen in Russia and China.

Russian cyberattacks on the West, as a form of retaliation for political actions taken against the Kremlin, will continue, forecast SentinelOne.

A lack of accountability within the Beijing regime will allow China’s cyberespionage efforts to continue unabated, the firm also said.

Further, there will be an acceleration of cyberespionage activity by Pakistan, SentinelOne predicted, mostly directed at India. It will be outsourced, with contractors hired to write malware and orchestrate attacks.

Apple in Crosshairs

Pakistan may be in the forefront of a trend SentinelOne predicted for 2015: Attacks as a Service.

Instead of shopping here and there to gather the tools for an attack, SentinelOne explained, an attacker will be able to go to a website, choose malware, choose what to steal — banking credentials, healthcare records, credit card numbers and such — request a number of infections, and pay for the package.

While most cyberespionage has been directed at computer systems, cyberspies increasingly will target mobile devices, predicted Michael Shaulov, CEO of Lacoon Mobile Security.

“We’re going to see more attacks that are leveraging WiFi hotspots, fake base stations or even more aggressive exploitation of mobile browsers or messaging applications,” he told TechNewsWorld.

Cybercriminals will train their gaze on Apple more often next year.

Attacks on Apple’s OS X desktop operating system have begun to rise, SentinelOne noted.

An acceleration of those attacks is likely, the firm said, because Apple continues to grow its share of the enterprise market, where it has become a darling of executives who are ripe targets for hackers.

Apple’s security problems are compounded by its reputation as a “safe” platform, according to SentinelOne. That has resulted in the production of few products that can handle advanced threats against Apple devices.

The same is true for Apple’s mobile platform, iOS.

“iOS was reasonably very safe up until recently, but over the last two to three months, cybercriminals have leveraged the apps in the platform to attack the devices,” Lacoon’s Shaulov said.

“That makes sense, because iOS is getting more traction in the market,” he added, “and the data being placed on the iOS devices is more valuable.”

Internet of Things

The Internet of Things also will become an attack surface in 2015.

Printers, smart TVs, appliances, wearable computers — a whole host of cloud connected devices will be a new source of cyberthreats in the coming year, predicted Willy Leichter, global director of cloud security for CipherCloud.

“It’s like any new technology. The standards haven’t solidified. No one has looked at the underlying security,” he told TechNewsWorld.

“There are also a lot of open source tools used by these devices that may have vulnerabilities,” Leichter added.

Although they will leverage the IoT in 2015, hackers will be less interested in victimizing consumers than in using smart devices to target businesses, noted Websense’s Leonard.

“Because these devices are Web-enabled,” he said, “they give hackers an additional entry point into a business. That’s what’s going to intrigue the malware authors and what they’ll be attacking in 2015.”

Breach Diary

  • Nov. 23. Symantec releases report on Regin, a nation-state quality spyware program that it says has been snooping on governments, infrastructure providers, researchers and individuals since at least 2008.
  • Nov. 24. Sony Pictures Entertainment shuts down its computers after its sites are vandalized by group calling itself the “Guardians of Peace.” Systems could be offline from one day to three weeks, Sony said.
  • Nov. 25. ARC Group, of New York City, donates US$500,000 in software and services to University of Albany to establish a center to investigate and resolve cybersecurity breaches.
  • Nov. 26. IntelCrawler identifies Point of Sale malware that it’s calling “d4re|devil,” or Daredevil, which is attacking ticket machines and electronic kiosks, including ticket machines used in mass transit systems. Malware contains both RAM scraping and keylogging capabilities.
  • Nov. 27. Home Depot, in SEC filing, reports it’s facing at least 44 lawsuits stemming from data breach this year that placed at risk 56 million payment cards of its customers.
  • Nov. 27. Gigya, a targeted marketing provider, reports traffic to its website is being redirected to server informing visitors that company’s website has been hacked by Syrian Electronic Army.
  • Nov. 28. Poland’s Supreme Audit Office reports country’s government institutions are ill-prepared for cyberattacks and not cooperating well enough to deal with online threats.

Upcoming Security Events

  • Dec. 4. How to Stop Email Cyberattacks in their Tracks. 1 p.m. ET. Webinar sponsored by Agari. Free with registration.
  • Dec. 4. Cyber Response in Q4: Special Considerations for End-of-the-Year Priorities. Noon ET. Webinar sponsored by RSA Conference. Free with registration.
  • Dec. 4. Detecting and Deciphering Sophisticated Malware C2 for Intelligence Gain. 1 p.m. ET. Black Hat webinar. Free with registration.
  • Dec. 5. Be an Onion not an Apple. 9 a.m.-4 p.m. ET. Capitol Technology University, 11301 Springfield Rd., Laurel, Maryland. Workshop sponsored by Cybersecurity Forum Initiative. $195/seat.
  • Dec. 8-11. Black Hat Trainings. The Bolger Center, Potomac, Maryland. Course Registration: before Dec. 6, $2,700-$4,000; after Dec. 10, $3,800-$4,300.
  • Dec. 9. The Modern DDoS Attack: Learn How Companies are Responding. Noon ET. Webinar sponsored by Arbor Networks. Free with registration.
  • Dec. 9. ISIS Use of Cyber. 4 p.m.-7:30 p.m. Enterprise Hall, GW Virginia Science & Technology Campus, 44983 Knoll Square, Ashburn, Virginia. Free with RSVP.
  • Dec. 10. Fill the Security Gaps in Your Firm’s Mobile Deployment. 1 p.m. ET. Webinar sponsored by Lacoon Mobile Security. Free with registration.
  • Dec. 11. How to Manage a Data Breach Involving Multiple Covered Entity Clients. 1-2 p.m. ET. Webinar sponsored by AHA Solutions. Free with registration.
  • Jan. 19, 2015. B-Sides Columbus. Doctors Hospital West, 5100 W Broad St., Columbus, Ohio. Fee: $20.
  • March 24-27, 2015. Black Hat Asia 2015. Marina Bay Sands, Singapore. Registration: before Jan. 24, $999; before March 21, $1,200; after March 20, $1,400.

John Mello is a freelance technology writer and contributor to Chief Security Officer magazine. You can connect with him on Google+.
