Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Data breaches, organisational attacks, and vulnerabilities dominate H1 2014: Trend Micro

Zafirah Salim | Aug. 14, 2014
The severity of attacks against organisations highlight the importance of incident response planning and organisation-wide security awareness.

On the other hand, those that subscribe to cloud services should consider keeping their data in several secure locations as backup. All users, meanwhile, should ensure that they do not use the same password across different accounts

Vulnerabilities

The threat environment around vulnerabilities entered new and unprecedented territory with the expiration of security support for Windows XP and the Heartbleed event. Heartbleed is deemed as the most critical vulnerability by Trend Micro. The two-year-old bug puts millions of websites and their users at risk of possible cyber attacks, and paved the way for attackers to steal data such as passwords and credit card information from users conducting financial transactions via the Secure Sockets Layer (SSL) protocol on vulnerable websites.

Following this vulnerability, system administrators were advised to keep their software updated and issue new security certificates. However, more than 300,000 Internet-connected systems still remained unpatched months later.

As for Windows XP, it stopped receiving vendor support since April 8. Despite this, many organisations still continued using it, which resulted in DOWNAD/Conficker infections.

On the mobile front, vulnerabilities in Android apps continued to pose serious security risks. Certain app components monitored this quarter had various security flaws that could leave user data at risk of being captured or of being used to launch attacks.

Japan also saw a significant growth in the number of online banking malware victims due to the rise in VAWTRAK detections in May 31. Though not considered banking malware prior to this quarter, recent variants have expanded their capabilities to include stealing online banking credentials and credit card information.

Collaboration with law enforcement agencies worldwide

Meanwhile, on a broader scale, Trend Micro stressed that the battle against cybercrime can only be won through cooperation between public and private entities.

Trend Micro commented that it has worked closely with law enforcement agencies to aid the police in arresting cybercriminals by offering investigation support and sharing available threat intelligence.

"The reported attacks in the second quarter reveal that the wide spectrum of cyber threats can have a disastrous impact globally," said JD Sherry, Vice President, Technology and Solutions of Trend Micro.

"Implementing a strategic incident response plan by forging collaborations, both internally and externally, will provide agencies and industries the resources to respond and protect against current threats to information security," he added.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.