What cyber security lessons were learned in 2014?
Arguably, 2014 will be remembered as a year that left its mark on the state of cyber security across the industry. From massive retail data breaches to cyber attacks waged by nation states against organizations, the widespread impacts led to unprecedented repercussions. These types of attacks can cause brand damage, increased audit scrutiny and significant loss of market share. Let’s take a closer look at what we saw in 2014.
Massive Retail Breaches
2014 was a record year for retail data breaches – at least in terms of number of records lost. Between Home Depot, Target and JP Morgan Chase, nearly every American felt the impact in some way, shape, or form. And while the large retailers occupied the mainstream headlines, a slew of small and mid-size retailers experienced similar breaches. POS (Point-of-Sale) systems became a popular target for criminals, as they obviously play a significant role in processing financial transactions. This, coupled with the increased demand for stolen credit cards, had a significant impact on the surge of malware targeting POS systems. Until merchants and manufacturers get serious about securing these terminals and their networks, they will remain a rich target for cyber criminals.
Sophisticated Banking Trojans
An underground market once dominated by ZeuS, Carberp, Citadel and SpyEye has given birth to more advanced variants and copycats boasting additional functionality and capabilities. In 2013 nearly a million new banking malware variants were uncovered, which more than doubled the volume of the previous year. Institutions amped up their security to protect against these threats, but the rise of banking malware continued into 2014 as fraudsters tried to stay one step ahead. Last year we were introduced to Kronos, Emotet, Dridex and Dyre. Although core functionality (e.g. stealing online banking credentials) still existed, these newer variants included enhancements in the form of anti-detection techniques and intelligent communication mechanisms.
Surges in Crypto-malware
Researchers observed a global surge in the occurrence of crypto-malware families such as Cryptolocker, Cryptodefense and Cryptowall. Crypto-malware is a particularly sinister threat that encrypts data on a compromised device and then attempts to extort money from the victim in order to have the data decrypted. Across the world, we watched as crypto-malware targeted a wide range of victims, from state governments to small towns, and large corporations to the average consumer. Faced with really no other option, most victims reluctantly paid the demanded ransom, crossing their fingers and blindly trusting their data would be restored. Unfortunately, this wasn’t always the outcome.
Attacks Aimed at the Weakest Link
The threat of attack directed towards the human element of security had been predicted. Frankly, it continues to prove to be the path of least resistance and yields a high rate of success. Attackers are no longer “throwing the kitchen sink” in the hope that the victim bites at the phish. Instead, techniques evolved as social engineering efforts became more specially crafted, targeting the victim in a manner that increased the chance the victim would divulge information or perform actions that would be unlikely in ordinary circumstances. Well-planned attempts targeted the back office at financial institutions, and fraudsters impersonated legitimate customers and coerced victimized employees into approving fraudulent transactions.
2015 and Beyond
So, what does 2015 have in store? Not surprisingly, we should probably expect more of the same. However, I strongly believe institutions can tip the scale of power in their favor. Security requires vigilance and accountability. The threats we face are too pervasive to allow us to believe we can prevent them all. Financial institutions must leverage the right technology solutions that not only help defend against these threats, but also provide real-time detection. Ideally, these solutions can improve our ability to not only respond, but also remediate all types of attack. By tipping the scale, we greatly improve our chances of winning this ongoing fight.