APTs, ransomware to be 'biggest' 2015 threats
Targeted attacks and ransomware cases on the rise this year, says ESET
Targeted attacks and ransomware will be the biggest security threats facing organisations and individuals in 2015, according to Mohamed Djenane, security specialist at ESET Middle East.
Laying out his cyber-security predictions for the year ahead, Djenane explained that targeted attacks, known as advanced persistent threats (APTs), will continue to become more of a worry in 2015. This, he said, was due to the fact that cyber-criminals are being picky about their targets, and will conduct attacks that go on for much longer than traditional hacks.
"In most of these attacks, there is a specific target, as opposed to traditional attacks that use any available corporate targets for their purposes," he said.
"Secondly, these kinds of attacks try to stay unnoticed for longer periods of time. In this context, it is important to notice that the attack vectors are predominantly social engineering attacks or zero-day exploits."
APTs have grown over the past several years, from three identified attacks in 2008, to 75 known attacks in 2015, according to cyber-attack repository APTnotes. Referencing this data, Djenane added that there were probably many undiscovered attacks that could be added to these numbers.
"These stats are based only on well-known public attacks, so it is reasonable to think that the statistics showing a growing trend is real; the amount, however, should be bigger, taking into account attacks that never reach the public space because of confidentiality reasons," he said.
Meanwhile, Djenane also warned that ransomware will be a key point for malware developers, and that this type of malware will become a more relevant threat in coming years. He referenced big companies such as Yahoo and AOL getting hit by ransomware attacks in 2014.
Djenane added that attacks on online payment systems could begin to gain ground in 2015, and also warned that the emerging trend of the Internet of Things could pose security risks, too.