Growing cybercrime menace laid bare - TechCentral

Growing cybercrime menace laid bare

Sergey Novikov

Sergey Novikov

If you think Eskom’s load shedding causes disruptions, there’s potentially an even bigger problem for the economy waiting in the wings — a technology outage caused by a cyber attack.

The very functioning of modern economies is increasingly reliant on connected technology. Even purchasing something as basic as prepaid electricity relies on IT systems.

Kaspersky Lab deputy director for global research and analysis Sergey Novikov believes the risk to these systems is high.

In 1994, a new computer virus was released once every hour. By 2006, this had increased to one a minute. Now, there are 350 000 new samples every day, Novikov says.

Novikov says the most common cyber attacks are on ordinary users and are committed by “regular cyber criminals”. The next most targeted is the corporate sector, where cyber espionage has become a particular problem. The final level occurs in state-to-state attacks, where countries are increasingly engaging in cyber espionage and even terrorism.

From January to March 2015, there were 2,1bn attacks worldwide, 130m of which happened in Africa and the Middle East (including Turkey).

According to Kaspersky Lab data, there were 1,8m Internet-borne malware incidents recorded by its South African users in the first quarter of 2015.

Windows remains attackers’ preferred target platform, with 237m unique malicious software files or malware created for the software by January 2015. There are 13m pieces of malware for Android, with 12 000 for Apple’s Mac OS X users and just 283 for its iOS software that powers the iPhone and iPad.

Users are frequently attacked by malware spread via removable USBs, CDs, DVDs and other “offline” methods. Removable devices were responsible for more than 70% of malware infection in the Africa and Middle East region in the first quarter of 2015.

In the first quarter of the year, there were 468m attacks registered worldwide, with 32m being in Africa and the Middle East. South Africa is second in the region for the development of malware, Kaspersky says.

Other methods used to attack computers include drive-by downloads, where users are tricked into downloading malicious software, phishing-related e-mails and social networks, where even clicking on the photo can allow viruses into a system.

Oracle’s Java platform is a favourite platform exploited by attackers, with Windows and Android also targeted.

Kaspersky says there has been an increase in attacks using point-of-sale malware in retail outlets. Every time you swipe your credit or debit card at a point-of-sale device it provides an opportunity for a cyber attack, it says. With some point-of-sale devices handling thousands of transactions daily, they provide an ideal opportunity for cyber criminals.

Ransomware, where a user’s files are encrypted by an attacker and money demanded to obtain decryption keys, is another growing threat. Often military grade encryption is used.

Smartphones have become another platform for attack by malware developers. The first example of mobile malware was detected just 10 years ago; last year, there were 296 000 known viruses targeted at mobile devices — with 98% focusing on Android.

Mobile devices allow criminals to gain access to various types of information including SMS messages, business e-mails and contacts, personal photos, users’ GPS co-ordinates, banking credentials and calendar apps. These open up users to a whole new world of potential victimisation, according to Kaspersky.

There has also been an increase in advanced persistent threat or APT attacks. These usually involve a large number of people and huge resources that go after specific targets, usually companies, for weeks or even months on end.

They usually involve large criminal syndicates or in some cases even governments. The first well-known such attack was the Stuxnet computer worm, which attacked users running Windows and Siemens’ Step 7 software. The main countries infected were Iran, Indonesia and India, with speculation that Iran’s nuclear programme was targeted specifically.

Since Stuxnet, there has been a rapid increase in APT attacks. Among the most prominent so far this year was the Carbanak attack, which targeted banking networks. It literally allowed ATMs to dispense cash or used international banking systems to transfer money.

Sometimes bank accounts balances were inflated using accounting practices and the extra money was transferred to criminals accounts without bank clients even suspecting anything. It’s estimated that attackers were able to steal more than US$1bn.  — (c) 2015 NewsCentral Media

  • The writer travelled to a Kaspersky Lab conference in Lisbon, Portugal as a guest of the company

Comments are closed.

© 2009 – 2020 NewsCentral Media