The Heartbleed and Shellshock bugs, online and mobile banking threats, the Sony data breach and a surge in ransomware and other malware: that about sums up 2014. The year was marked by a litany of large-scale attacks, according to a breakdown of events by Trend Micro.
The firm has released its annual security roundup report, entitled Magnified Losses, Amplified Need for Cyber-Attack Preparedness, which noted that the unprecedented number of point-of-sale (PoS) breaches during the year can be largely accredited to the rise of RAM scrapers, now not only used by retailers, but hotels, restaurants, and parking lots, among others. It gave malware authors a rich canvas with which to work.
“A wider variety of PoS RAM scraper families was also seen in 2014 compared with 2013,” Trend Micro said in the report. “PoS malware creation could be considered more robust, as evidenced by the addition of more technologically advanced capabilities in newer variants, even if these took pages off their older counterparts.”
Meanwhile, attackers backed away from Windows exploit during the year, but the report points out the increase of exploits for open-source software, which led to much bigger attacks. Open-source components are almost ubiquitous in today’s software landscape.
“Heartbleed and Shellshock proved that even open-source applications, which were believed more secure than their commercial counterparts, were vulnerable to threats,” noted Trend Micro. For instance, both aforementioned bugs particularly affected systems running Linux, which is concerning, given that 67.7% of websites use Linux.
“Open-source software is said to be inherently more secure, as it goes through more reviewers (and thus, more opportunities for any vulnerabilities to be spotted). However, that is not necessarily the case, as OpenSSL and Bash showed,” explained Pawan Kinger, director of Trend Micro Deep Security Labs, in a statement.
And, it doesn’t help much that many high-profile breaches are aided and abetted by SQL Injection, cross site scripting (XSS), broken authentication and other prevailing vulnerabilities in web applications. The firm found that majority of digital users are still vulnerable to cybercriminal attacks that abuse flaws in popular software. The firm noted that a full 19 critical vulnerabilities of widely-used software such as Internet Explorer, Adobe Acrobat/ Reader, Adobe Flash and Java were found and reported in 2014.
Then there was Sony, perhaps the largest of the large-scale events of the year. Trend Micro argues that the incident is not only a case study for business but also one for IT professionals, as it revealed the importance of detecting intruders inside networks.
“The malware used in the breach, WIPALL, is not highly sophisticated, and the attack could have been detected by a healthy knowledge of the network and its probable anomalies,” the report noted. “This reminds IT professionals of the crucial role that a layered, customized defense plays inside very large networks.”