Top 3 Trends in Today's Threat Landscape
Benny Czarny, Founder and CEO of OPSWAT
Every day there seems to be a new malware threat that we hear about, from remotely controlling cars and medical equipment, to attacks on well-known security vendors such as Kaspersky Lab and Bitdefender. Each threat seems to be bigger and more dangerous than the last. Among this never ending stream of publicized cyber threats and attacks, here are three trends to keep an eye on:
Trend 1. Cyber Security Companies Are Targets
Recently we have seen a number of sophisticated attacks specifically directed towards cyber security companies and their products. Kaspersky’s network was recently hacked and valuable R&D data was accessed, including source code and intellectual property. The attack was apparently very sophisticated and it is thought that millions of dollars went into its development. The data breach at Bitdefender and subsequent ransom demand is another example of a cyber security company being targeted by hackers. In addition, we are seeing a rise in malware that is capable of evading cyber security products. For instance, the Duke malware family includes anti-AV detection capabilities and searches for several security products to evade, including Kaspersky Lab, Sophos, DrWeb, Avira, Crystal, Comodo Dragon, AVG and K7.
Trend 2. Internet of Things Is Under Attack
The vulnerability of the Internet of Things (IoT) is currently a hot topic that receives a lot of attention in the press. Devices are increasingly being connected to the Internet such as cars, medical equipment, thermostats, and watches, to name but a few. Our society is becoming more and more connected, with endless possibilities. In the future, we will be able to switch on our oven remotely, start the vacuum cleaner and feed the cat. All these possibilities appeal to our imagination and need for convenience, but also reminds us of big brother and how, if these devices were hacked, attackers would have access to our private lives. Since each device that is connected to the Internet can theoretically be hacked, the ubiquity of these devices inherently means that we are exposing ourselves to more threats.
Trend 3. Increasing Firmware Hacks
Another trend that we are seeing is firmware hacking: the process of installing rogue firmware on embedded devices. Cisco recently warned customers that hackers are replacing the boot firmware on devices running Cisco’s IOS operating system with a malicious version. The attackers install the malicious version to prevent reboots from wiping IOS infections. Now that Point of Sale systems (POS) have gone mobile, these too have become a target for hackers. Although the possibility of firmware hacking has been known for some time, actual real-world attacks have been rare until now.
So what can you do to protect yourself against these threats? Unfortunately the effectiveness of using a single anti-virus engine is decreasing. With over 450,000 new threats emerging daily, it is impossible for any single engine to provide guaranteed protection 100% of the time. The solution is to use multiple anti-malware engines. By combining multiple anti-malware engines, you can leverage the power of the different detection algorithms and heuristics of each engine and detect significantly more threats. Other technologies such as data sanitization and file type verification can provide additional protection against threats that are missed by anti-virus engines. Finally, we will be seeing a lot of IoT security improvements as vendors address vulnerabilities using techniques such as white listing connections, and performing packet inspections and anti-malware scanning in the cloud.
Benny Czarny is the Founder and Chief Executive Officer at OPSWAT. Benny has over 20 years of experience in the Computer and Network Security field. From the early days of computer viruses he was interested and involved in the fields of encryption, network operations, security vulnerabilities detection, and research.