Trend Micro released its TrendLab Q1 2015 Security Roundup report last month revealing a combination of newer and older threat variations defined the cybersecurity landscape in the Q1 of 2015. Malvertising, zero-day vulnerability exploitation, “old-school” macro malware and the decade-old FREAK vulnerability are among the highlights.

trend-micro-logo

 

The overall threat volume in the threat landscape has generally decreased compared with that recorded in the 4Q of 2014. Unlike the lower number of malicious domains that Trend Micro has blocked user access to and malware that was prevented from infecting devices, what has spiked in growth is the spam volume. Trend Micro said it prevented a total of 342 million spam sending IP addresses from reaching user’s inboxes in APAC region, of which China and Japan contributed more than half (194 million). This could indicate a return to email as the most-favored infection vector to deliver old threats like macro malware to vulnerable computers.

Adware also topped the list of mobile threats, with Trend Micro now documenting more than five million Android threats to date — nearing the predicted total of eight million by the close of 2015. In fact, top malicious and high-risk apps blocked by Trend Micro were adware related, reflecting this increase. In fact, at the end of the first quarter of 2015, Trend Micro noted that out of the total mobile apps downloaded in Malaysia, 1 out of 50 apps were malicious or potentially unwanted.

Trend Micro researchers also found zero-day exploits targeting Adobe software utilized malvertisements and no longer required victims to visit or interact with malicious sites to become infected.

The healthcare industry experienced a notable rise in cyber-attacks, in addition to iOS and point-of-sale (PoS) systems continuing to be targeted. Since exploitations in these areas have been in their infancy for several years, researchers believe this rise is primarily due to a lack of preparedness—a sizable oversight that should be addressed.

Report highlights of the Trend Micro Q1, 2015 Security Roundup report include:

  • Healthcare Industry Hit by Massive Attacks: Major healthcare service providers, such as Premera Blue Cross and Anthem, suffered data breaches that exposed millions of customers’ financial and medical data.
  • Old Threats Invigorated with New Targeted Attack Tools, Tactics and Procedures: Rocket Kitten and those behind Operation Pawn Storm set their sights on new targets, proving that targeted attacks are evolving.
  • Exploit Kits Grew in Sophistication: Exploit kits constantly add new exploits to their arsenals, adding to their allure to expert and novice attackers.
  • Crypto-Ransomware Volume Soared, Expands to Enterprises: Crypto-ransomware expanded their target base to enterprise users, no longer exclusively pursuing consumers.
  • Macro Malware, Old but Still Effective: The resurgence of macro malware suggest cybercriminals are taking advantage of user security complacency, through reliance on Microsoft Office defaults.
  • Decade-Old FREAK Security Flaw Brought on Patch Management Challenges: As more vulnerabilities emerge in open source OSs and applications, IT administrators will find it increasingly difficult to mitigate risks.

“Bad Ads and Zero-Days: Reemerging Threats Challenge Trust in Supply Chains and Best Practices.” From an industry perspective, healthcare and retail point-of-sale systems have also seen an uptick in threat activity. The report reinforces how complacency can present major cybersecurity risks in an era where the margin for error has been significantly diminished.

“Even though we are early in the year, it is clear 2015 is shaping up to be noteworthy in terms of volume, ingenuity and sophistication of attacks,” said Raimund Genes, CTO, Trend Micro. “The rise in attacks against the healthcare industry, combined with the rise in malvertisements, reflects that technology users are being assailed from all angles. It is clear businesses and individuals alike need to be proactive in protecting against threats. As a business, how would your IT-Security policies look like in a Zero Trust Environment? An aggressive and different security posture is critical to keep financial, personal and intellectual property safe.”

“The question we have to ask is, ‘are we doing enough to protect ourselves from security threats?’” added Genes. “While we need to constantly update our systems to protect against new attacks, the first quarter of 2015 clearly showed we need to also watch out for older threats, and how no industry or system should feel exempt.”

[Download PDF]– TrendLabs Q1, 2015 Security Roundup Report

Leave a Reply