Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Brace for hazards: Trend Micro Malaysia 3Q report

AvantiKumar | Dec. 1, 2015
Current vulnerabilities are signalling more attacks, said Trend Micro's Goh Chee Hoh.

Goh Chee Hoh, Managing Director for Malaysia, Singapore and Indonesia, Trend Micro 

Photo - Goh Chee Hoh, Managing Director, Trend Micro Malaysia, Singapore & Indonesia

 

According to Trend Micro's 3Q security roundup, current vulnerabilities point to impending attacks, said the security solutions provider.

Speaking of the company's 'Q Security Roundup: Hazards Ahead: Current Vulnerabilities Prelude Impending Attacks',  Goh Chee Hoh, Trend Micro managing director for Malaysia, Singapore & Indonesia, said that experts have called on people to brace for disaster, it was based on various signs. 

Trend labs noted several signs pointing to sensitive data being attacked, which could lead to damages to individuals' personal lives and organisations' operations, said Goh.

He said that the high-profile breaches, vulnerability exploits, and other attacks we saw in the past quarter served as barometers of security disasters waiting to happen.

"We've reached a point where just about anything can be vulnerable to threats," said Goh. "The security incidents we saw this past quarter revealed just how big the existing cracks are in the mobile ecosystem, Internet-connected devices, and network infrastructures, among others."

"Similar to seismic readings signalling forthcoming earthquakes, these security gaps could be a prelude to massive events that we believe will greatly impact 2016," he said.

Some major breaches

Goh recalled several recent breaches, which included:

Hacking Team breach: Attacks following the Hacking Team dump are on top of the list of this quarter's security concerns. The incident led to the discovery of a slew of zero-day vulnerabilities in Flash, Internet Explorer, and Windows; a spying tool for Android and iOS devices; and an Android app that can bypass Google Play security. One of these discovered flaws was also added to the Angler Exploit Kit and used in attacks in Korea and Japan; another, in attacks against Taiwan and Hong Kong websites.

Ashley Madison Breach: Attack by Extortion Another data breach dump this quarter, one that fuelled further attacks and extortion, is that of the illicit dating site, Ashley Madison. Reports of blackmail and extortion from the leaked names on the site emerged soon after its breach. Exposure proved fatal as reports of suicide surfaced. Incidentally, we also learned that even honeypot emails used by Trend Micro were used to create profiles on the site, adding the risk of having an account created on one's behalf among the list of concerns.

Stagefright, Xcode, and more weak points in Android and iOS: A majority of Android devices were put on a standstill with the emergence of Stagefright, which enables attackers to install malware through MMS, a malicious app, or a specially-crafted URL. Multiple vulnerabilities in the mediaserver component were also uncovered.

 iOS devices were also at risk through tampered versions of iOS developer tools Xcode and Unity. Apps that were created using the Trojanized version of Apple's toolkit Xcode found their way inside the App Store, putting iOS device users at risk of fraud and phishing. Apart from Xcode, a vulnerability was also found in Apple's Airdrop feature and another in the way that iOS devices handle configuration sent through MDM clients (quicksand).

PoS targets: SMBs

Goh said small businesses were a prime target for cybercriminals who use the 'shotgun approach' on PoS malware.

For example, cybercriminals used the Angler Exploit Kit to find PoS systems; GamaPOS users latched on the Andromeda botnet to target retail organisations; while other cybercriminals spread spammed messages to deliver the KASIDET malware with PoS RAM scraping capabilities.

He said Trend Micro also noted a move to switch to EMV (Europay, MasterCard, and Visa) technology in the US, which was supposed to better secure businesses from counterfeiting, but may still be compromised by RAM-scraping malware.

 

Sign up for CIO Asia eNewsletters.