Cyber attackers show ingenuity in first quarter of 2015, report shows

A combination of newer and older threat variations defined the cyber security landscape in the first quarter of 2015, report shows

A combination of newer and older threat variations defined the cyber security landscape in the first quarter of 2015, according to the latest report from Trend Micro.

The Re-emerging threats challenge trust in supply chains and best practices report highlights malvertising, zero-day vulnerability exploitation, macro malware and the Freak vulnerability.

Researchers said exploit kits grew in sophistication and added new exploits to their arsenals, increasing their appeal to expert and novice attackers.

They also found that old threats are being reinvigorated with new targeted attack tools, tactics and procedures. For example, those behind Operation Pawn Storm set their sights on new targets, proving that targeted attacks are evolving.

Another trend identified by the report is the shift in focus of crypto-ransomware from consumers to target enterprises.

The resurgence of macro malware suggest cyber criminals are taking advantage of user security complacency, through reliance on sofware defaults, the researchers said.

The start of 2015 also saw the decade-old Freak vulnerability cause patch management challenges. As more vulnerabilities emerge in open-source operating systems and applications, researchers said IT administrators will find it increasingly difficult to mitigate risks.

”From an industry perspective, healthcare and retail point-of-sale systems have seen an uptick in threat activity,” said Trend Micro chief technology officer Raimund Genes.

Major healthcare service providers, such as Premera Blue Cross and Anthem, suffered data breaches in the first quarter of 2015 that exposed millions of customers’ financial and medical data.

“The report reinforces how complacency can present major cyber security risks in an era where the margin for error has been significantly diminished,” he said.

Tech users assailed from all angles

2015 is shaping up to be noteworthy in terms of volume, ingenuity and sophistication of attacks, said Genes.

“The rise in attacks against the healthcare industry, combined with the rise in malvertisements, reflects that technology users are being assailed from all angles,” he said.

According to Trend Micro, businesses and individuals alike need to be proactive in protecting against threats.

Read more about cyber threats

Genes said an aggressive and different security posture is critical to keep financial, personal and intellectual property safe.

According to the report, adware topped the list of mobile threats, with Trend Micro now documenting more than five million Android threats to date.

Trend Micro researchers also found zero-day exploits targeting Adobe software usedh malvertisements and no longer required victims to visit or interact with malicious sites to become infected.

The researchers found that iOS and point-of-sale systems continue to be targeted, but considering exploitations in these areas have been in their infancy for several years, researchers believe this rise is primarily due to a lack of preparedness that can be addressed

Businesses and individuals need to ask if they are doing enough to protect themselves from security threats, said Genes.

“While we need to constantly update our systems to protect against new attacks, the first quarter of 2015 clearly showed we need to also watch out for older threats, and how no industry or system should feel exempt,” he said.

Read more on Hackers and cybercrime prevention