In the past month, Cytegic’s Intelligence Center has observed the following events and developments, which are indicators of trends, significant independent issues, or otherwise important enough to report to our customers:
- Cryptolocker malware is considered as dangerous to organizations as to individuals: The highly successful ransomware affected a US police station, among others. Companies should educate employees about ransomware and update their awareness and training policies to include ransomware prevention. The emphasis should continue to be on recognizing and not clicking unsafe links, especially in emails.
- Another “Snowden Effect” following Indonesia-Australia “Hacktivist-Conflict”: In line with Cytegic’s predictions over the past month, each new Snowden leak brings a surge of DDoS and defacement attacks against Government, Defense, and Banking and Finance sites. After a leak regarding Australia’s alleged spying on Indonesia, the tension between the countries is manifesting itself in an emerging “Hacktivist-Conflict”. This incident may ricochet to the US and the UK, due to their involvement.
- Anonymous declares “global campaign” against the US government: Anonymous has declared a worldwide campaign against the US Government, which will most likely affect the Finance sector as well. This is in retaliation for the sentence given to Anonymous-affiliated hacker Jeremy Hammond. This attack campaign is also likely to include DDoS, SQLi and defacement attacks.
- Personally Identifiable Information (PII) becomes the most sought-after asset: After last month’s huge Adobe and data aggregator breaches, this month we continued to see the rising trend of unknown attackers stealing PII from large company databases. These attacks exposed many millions of PII records, credit card details and user passwords. In addition to the dangers posed to the users, banks and financial institutions are at heightened risk of identity theft and fraud.
- Increasing attacks against online forum platforms and developer sites: A continuing trend Cytegic has been following is attacks on online forum and blog platforms (vBulletin, WordPress), open-source communities (such as GitHub), Mac developer sites (MacRumors, Israeli Mac forums) and more. This trend affects not only the sites mentioned but, above all, the sites that use these platforms. Companies should keep all third-party platforms updated at all times. These attacks raise the possibility of platform vulnerability exploits (WordPress, vBulletin) and watering-hole attacks (GitHub).
- European Bitcoin payment processor hacked: Another rising trend in the Financial Sector is increasingly sophisticated attacks against Bitcoin exchanges and wallet services. Most attacks use phishing techniques, but some have used DDoS as a diversion from the real attack. All financial companies should give this subject attention. Cytegic has been following the rise in Bitcoin-related attacks, which parallels the rise in Bitcoin popularity and value.