2015 may just go down in history as the year of the hack.
2015 featured 365 days filled with headlines covering everything from the OPM breach, to Anonymous' latest shenanigans, to mobile vulnerabilities. The breadth and depth of these breaches were both alarming and eye-opening. We saw how an average teenager with basic computer skills can bring down telecom giants and how CCaaS (cyber-crime as a service) has quickly become a booming business. Governments breached other governments and federal agencies had their weaknesses exposed in serious ways. Even gamers and kids weren't safe in 2015.
Every day there seems to be a new malware threat that we hear about, from remotely controlling cars and medical equipment, to attacks on well-known security vendors such as Kaspersky Lab and Bitdefender. Each threat seems to be bigger and more destructive than the last. Among this never ending stream of publicized cyber threats and attacks, here are three trends to keep an eye on:
Data breaches have been in the news more this year than ever! We are excited to launch a new Data Breach page that will highlight notable breaches. Information available on the page will include the cause of the breach, the number of records or data lost, monetary damages and a solution for how the breach could have been prevented. We believe this page will add value for both our customers as well as others in the industry and will help raise awareness on how breaches happen and will hopefully promote discussions on how they can be prevented in the future.
According to the Ponemon Institute, 43% of companies experienced a data breach in 2014. Not only is the number of data breaches rising, the number of records stolen per breach is increasing as well as the cost per stolen record. It is apparent that current security measures are not sufficient to protect organizations from data breaches.
Among the revelations coming out of the massive data dump from the Hacking Team breach include emails showing that the FBI purchased services and products from Hacking Team for the purpose of identifying Tor users. With customers all across the world, this isn’t surprising that the FBI is among them.
Apparently a small unit in the FBI purchased Hacking Team's Remote Control System (RCS), otherwise known as Galileo, as a sort of 'backup' for a primary tool. RCS is an impressive ‘tool’ that provides endpoint telemetry and surveillance of encrypted communications as long as it is installed on the target device.
With so many different types of threats circulating, it is difficult for network security administrators to find a comprehensive solution for their secure networks. By identifying which threats are the most dangerous to their organization, security administrators can effectively focus their resources where they are needed most.
Last week the CyberEdge group released the 2015 Cyberthreat Defense Report that surveyed 800 IT Security professionals on cybersecurity matters. The report states that 71% of respondents’ networks were breached in 2014, up from 62% in 2013. The expectation of further cyber-attacks is also rising: 52% of respondents believe a successful attack is likely in 2015, compared to 39% last year. Phishing, malware, and zero-day attacks were considered to pose the greatest cyber risks to responding organizations.
Over the weekend, Kaspersky Lab announced details of what may be the largest cyber-attack to date, targeting the banking industry. The breach affected more than 100 banks in 30 different countries worldwide and could total as much as $1 Billion in total losses.
Since the 20th century, the Made in America moniker has been associated with higher quality goods when compared to imported alternatives, at least when these goods are targeted at the American consumer. For manufactured or assembled products, it’s hard to know when this label indicates that the product was actually made in the United States. For cyber-attacks, which carry no label, it’s even more difficult to track their origin. This happens for many reasons, the most obvious one being this: Cybercriminals strive to remain anonymous, and their ‘products’ rarely carry telltale signs of their origin.