Cybersecurity Threats 2015: More Espionage, More Apple Malware

EcommerceTimes ^ | 12/03/14 6:53 AM PT | By John P. Mello Jr.

[Swordmaker]

Cybercriminals will train their gaze on Apple more often next year.

Attacks on OS X have begun to rise, and an acceleration of those attacks is likely, SentinelOne noted, because Apple continues to grow its share of the enterprise market, where it has become a darling of executives who are ripe targets for hackers. Apple's security problems are compounded by its reputation as a "safe" platform.

Cyberspies will flourish and hackers will target Apple devices more often in 2015.

Until now, Russia, China and the United States have dominated the cyberespionage scene, but their success will start to attract new players to the practice.

"We can expect some of the developing economies -- countries forecasted for high economic growth -- to engage in these activities to protect their growth status," Carl Leonard, a senior manager at Websense Security Labs, told TechNewsWorld. "Those players have yet to be revealed."

"Cells" that will remain independent of the nation-states they're operating in will supplement those efforts, launching operations that advance the objectives of their native countries, according to Websense. That kind of activity already has been seen in Russia and China.

Russian cyberattacks on the West, as a form of retaliation for political actions taken against the Kremlin, will continue, forecast SentinelOne.

A lack of accountability within the Beijing regime will allow China's cyberespionage efforts to continue unabated, the firm also said.

Further, there will be an acceleration of cyberespionage activity by Pakistan, SentinelOne predicted, mostly directed at India. It will be outsourced, with contractors hired to write malware and orchestrate attacks.

Apple in Crosshairs

Pakistan may be in the forefront of a trend SentinelOne predicted for 2015: Attacks as a Service.

Instead of shopping here and there to gather the tools for an attack, SentinelOne explained, an attacker will be able to go to a website, choose malware, choose what to steal -- banking credentials, healthcare records, credit card numbers and such -- request a number of infections, and pay for the package.

While most cyberespionage has been directed at computer systems, cyberspies increasingly will target mobile devices, predicted Michael Shaulov, CEO of Lacoon Mobile Security.

"We're going to see more attacks that are leveraging WiFi hotspots, fake base stations or even more aggressive exploitation of mobile browsers or messaging applications," he told TechNewsWorld.

Cybercriminals will train their gaze on Apple more often next year.

Attacks on Apple's OS X desktop operating system have begun to rise, SentinelOne noted.

An acceleration of those attacks is likely, the firm said, because Apple continues to grow its share of the enterprise market, where it has become a darling of executives who are ripe targets for hackers.

Apple's security problems are compounded by its reputation as a "safe" platform, according to SentinelOne. That has resulted in the production of few products that can handle advanced threats against Apple devices.

The same is true for Apple's mobile platform, iOS.

"iOS was reasonably very safe up until recently, but over the last two to three months, cybercriminals have leveraged the apps in the platform to attack the devices," Lacoon's Shaulov said.

"That makes sense, because iOS is getting more traction in the market," he added, "and the data being placed on the iOS devices is more valuable."

Internet of Things

The Internet of Things also will become an attack surface in 2015.

Printers, smart TVs, appliances, wearable computers -- a whole host of cloud connected devices will be a new source of cyberthreats in the coming year, predicted Willy Leichter, global director of cloud security for CipherCloud.

"It's like any new technology. The standards haven't solidified. No one has looked at the underlying security," he told TechNewsWorld.

"There are also a lot of open source tools used by these devices that may have vulnerabilities," Leichter added.

Although they will leverage the IoT in 2015, hackers will be less interested in victimizing consumers than in using smart devices to target businesses, noted Websense's Leonard.

"Because these devices are Web-enabled," he said, "they give hackers an additional entry point into a business. That's what's going to intrigue the malware authors and what they'll be attacking in 2015."

Breach Diary

• Nov. 23. Symantec releases report on Regin, a nation-state quality spyware program that it says has been snooping on governments, infrastructure providers, researchers and individuals since at least 2008.
• Nov. 24. Sony Pictures Entertainment shuts down its computers after its sites are vandalized by group calling itself the "Guardians of Peace." Systems could be offline from one day to three weeks, Sony said.
• Nov. 25. ARC Group, of New York City, donates US$500,000 in software and services to University of Albany to establish a center to investigate and resolve cybersecurity breaches.
• Nov. 26. IntelCrawler identifies Point of Sale malware that it's calling "d4re|devil," or Daredevil, which is attacking ticket machines and electronic kiosks, incuding ticket machines used in mass transit systems. Malware contains both RAM scraping and keylogging capabilities.
• Nov. 27. Home Depot, in SEC filing, reports it's facing at least 44 lawsuits stemming from data breach this year that placed at risk 56 million payment cards of its customers.
• Nov. 27. Gigya, a targeted marketing provider, reports traffic to its website is being redirected to server informing visitors that company's website has been hacked by Syrian Electronic Army.
• Nov. 28. Poland's Supreme Audit Office reports country's government institutions are ill-prepared for cyberattacks and not cooperating well-enough to deal with online threats.

Upcoming Security Events

• Dec. 4. How to Stop Email Cyberattacks in their Tracks. 1 p.m. ET. Webinar sponsored by Agari. Free with registration.
• Dec. 4. Cyber Response in Q4: Special Considerations for End-of-the-Year Priorities. Noon ET. Webinar sponsored by RSA Conference. free with registration.
• Dec. 4. Detecting and Deciphering Sophisticated Malware C2 for Intelligence Gain. 1 p.m. ET. Black Hat webinar. Free with registration.
• Dec. 5. Be an Onion not an Apple. 9 a.m.-4 p.m. ET. Capital Technology University, 11301 Springfield Rd., Laurel, Maryland. Workshop sponsored by Cybersecurity Forum Initiative. $195/seat.
• Dec. 8-11. Black Hat Trainings. The Bolger Center, Potomac, Maryland. Course Registation: before Dec. 6, $2,700-$4,000; after Dec. 10, $3,800-$4,300.
• Dec. 9. The Modern DDoS Attack: Learn How Companies are Responding. Noon, ET. Webinar sponslored by Arbor Networks. Free with registration.
• Dec. 9. ISIS Use of Cyber. 4 p.m.-7:30 p.m. Enterprise Hall, GW Virginia Science & Technology Campus, 44983 Knoll Square, Ashburn, Virginia. Free with RVSP.
• Dec. 10. Fill the Security Gaps in Your Firm's Mobile Deployment. 1 p.m. ET. Webinar sponsored by Lacoon Mobile Security. Free with registration.
• Dec. 11. How to Manage a Data Breach Involving Multiple Covered Entity Clients. 1-2 p.m. ET. Webinar sponsored by AHA Solutions. Free with registation.
• Jan. 19, 2015. B-Sides Columbus. Doctors Hospital West, 5100 W Broad St., Columbus, Ohio. Fee: $20.
• March 24-27, 2015. Black Hat Asia 2015. Marina Bay Sands, Singapore. Registration: before Jan. 24, $999; before March 21, $1,200; after March 20, $1,400.

[Swordmaker]

It is interesting that the headline of this article is unrelated to little factual content in the article itself. This is a prime example of using an Apple linkage to get hits, as the article itself really has very little to do with any threats at all either growing in the past or looming in the future for Apple products except the vague possibilities that they might.

In actual fact, there has been NO rise in successful attacks against either Apple OS X or iOS iPhones or iPads in the last year, except for a limited exploit in China involving an unauthorized third party App Store that convinced a small number of Chinese iPhone users to actively switch their iPhones to a setting that allowed downloading of apps from a source masquerading as their trusted employer's server, as if they were receiving trusted apps from their employer. . . So that a third party App Store could sell apps instead of Apple's App Store and better than 1/3 of the apps on that store were infected with malware for the purpose of identity theft. That possibility has been closed. . . and the crooked App Store has been closed by the Chinese government. It was essentially an elaborate Trojan Horse scheme. — Swordmaker

[Swordmaker]

This article is one that uses a inflammatory headline about more Apple Malware coming in 2015 to cause people to read it. . . But there isn't any steak with their sizzle! It's mostly FUD for Apple users, but some useful general computer security information. So PING!

Apple Semi FUD Ping!

If you want on or off the Mac Ping List, Freepmail me.

[rarestia]

While I still think you're a bit over-defensive of Apple in general, Sword, I have to agree with you that this article is a poorly-written miasma of buzzwords.

I think the most important take away from the article is this:

"We're going to see more attacks that are leveraging WiFi hotspots, fake base stations or even more aggressive exploitation of mobile browsers or messaging applications," he told TechNewsWorld.

This is a growing problem, and people who leave their wifi on all the time are going to be most susceptible to this attack vector. Most mobile devices have wifi turned on by default and configured to connect to any available wifi hotspot. Without some basic changes to the out-of-the-box OS, the uninitiated and misinformed among us are going to inadvertently put themselves into harm's way.

[Swordmaker]

"We're going to see more attacks that are leveraging WiFi hotspots, fake base stations or even more aggressive exploitation of mobile browsers or messaging applications," he told TechNewsWorld.

I thought so too. I posted an article on FR not too long ago about faux cell towers spoofing cell phones near military bases around the country intercepting calls and passing them on into the cell system. . . but no one knows whose they are. . . and what's being done with the cell traffic that goes through those "fake" or "unaffiliated" towers.

[rarestia]

As a HAM radio operator, I’ve designed and setup my fair share of antennae arrays, and I’ve seen some antennae around cell towers that left me dumbfounded as to their utility. Oftentimes they were outside or actually on the fence surrounding the base which is against regulations.

[Aliska]

Trying to get an understanding of the golden ratio. Apple's logo is an example:

Golden Ratio in logo designs

There is a beautiful embedded video demonstrating the golden ratio in nature. Scroll down further on the linked page.

[Swordmaker]

Nice drawing, Aliska, It takes me back many years to my art classes in college. . . but I think they are stretching quite a bit to trying to squeeze and squoze the Apple logo into the golden rectangle and ratio. I think you may have better luck using a standard square with this logo than the golden rectangle. LOL! I can see some of the derived circles. . . but they are thinking outside the box again. . . and the Apple is outside the box. . . I see more the curve of a Nautilus shell following the Apple curvature. . . but even that isn't that isn't accurate.

It is a stylized Apple. Nothing more.