New techniques are blending with old and exploit kits are making it easier to create advanced threats – these are among the conclusions of the 2015 Threat Report from Websense Security Labs.
The security solution vendor’s annual report for 2015 looks at evolving attack trends, tactics and defense vulnerabilities, and how cutting-edge tools rather than technical expertise are helping cybercriminals up their game.
With redirect chains, code recycling and other techniques, cybercriminals are becoming more difficult to track, and they’re taking their exploits into the network framework itself, leveraging the wide use of older standards through the code base of Bash, OpenSSL, SSLv3 and others.
“Cyber threats in 2014 combined new techniques with the old, resulting in highly evasive attacks that posed a significant risk for data theft,” said Charles Renert, vice-president of security research for Websense, in a statement. “In a time when Malware-as-a-Service means more threat actors than ever have the tools and techniques at hand to breach a company’s defenses, real-time detection across the Kill Chain is a necessity.”
Through its research, Websense identified four key behavioural and technique-based trends that security professionals need to be aware of.
- Cybercrime Just Got Easier: The availability of exploit kits for rent or purchase (Malware-as-a-Service) allows cybercriminals to launch attacks more easily, with less expertise necessary, and from multiple vectors.
- Something New or Déjà Vu?: Old tactics like macros are being blended with new evasion techniques and launched through email and web channels. While the web has a dominant role in cyberattacks, email remains a potent vehicle for threat delivery. The number of emails Websense identified as malicious was up by 25 per cent in 2014, and more than three million macro-embedded email attachments were identified in the last 30 days of 2014 alone.
- Digital Darwinism: Cybercriminals are now focusing more on quality than quantity in their attacks. While Websense observed 5.1 per cent fewer threats in 2014, the number of high-profile breaches hasn’t abated. Attackers are trying different attacks and adjusting their profiles based on the results – for example, call-home activity rose 93 per cent while exploit kit usage dropped 98 per cent.
- Avoid the Attribution Trap: It is becoming more and more difficult to trace attacks, given the ways cybercriminals have to cover their tracks. Websense recommends focusing on remediation instead of attribution.
Finally, the report also sounded a cautionary note about the Internet of Things (IoT). While smart connected devices have tremendous potential to change our daily lives, with as many as 50 billion connected devices by 2020, that’s a plethora of new attack vectors if security isn’t central to IoT development.