Cyber-threats have grown worldwide over the course of the past year, showing both tactical evolution, greater sophistication and a few significant new trends.
Geographically speaking, Kaspersky Lab has noted especially strong growth in detected threats in African countries, including Nigeria.
“The continued increase in threats and cybersecurity matters certainly shows that African countries are a growing target for cybercrime, and as a result, countries like Nigeria need to pay attention to this reality and the future trends and predictions in this space,” said Dirk Kollberg, senior security researcher, Global Research and Analysis Team (GReAT), Kaspersky Lab.
This dovetails with overriding trends in 2015 globally. The growing number of attacks, the numbers of both attackers and their victims, together with a greater focus on cyber-security in defense budgets, new or enhanced cyber-laws, international agreements and new standards have all redefined the rules of the game.
GReAT described cyber-activity as “elusive” going into 2015: Full of cyber-criminals who are proving hard to catch, cyber-espionage actors who are even harder to attribute, and with privacy often the most elusive of all. That has proven to have come to fruition.
There has, for instance been an evolution of malware techniques to support better cyber-espionage. In 2015, GReAT discovered previously unseen methods used by the Equation group, whose malware can modify the firmware of hard drives, and by Duqu 2.0, whose infections make no changes to the disk or system settings, leaving almost no traces in the system. These two cyber-espionage campaigns surpassed anything known to date in terms of complexity and the sophistication of techniques.
Also, 2015 saw the merger of cybercrime and advanced persistent threats (APTs). In 2015 the Carbanak cyber-criminal gang stole up to $1 billion from financial institutions worldwide using targeted attack methods.
2015 also marked the advent of wars between APTs. In 2015, Kaspersky Lab recorded a rare and unusual example of one cybercriminal attacking another. In 2014, Hellsing, a small and technically unremarkable cyberespionage group targeting mostly government and diplomatic organizations in Asia, was subjected to a spear-phishing attack by another threat actor, Naikon, and decided to strike back. Kaspersky Lab believes that this could mark the emergence of a new trend in criminal cyber-activity.
Overall, the picture that emerges is one of escalation and tactical evolution on the part of the bad guys.
“Select any economic sector at random, and the chances are high that you’ll find something in the media about a cyber-security incident or problem,” Kollberg added. “The same goes for all aspects of everyday life. This year’s cyber-events have resulted in a sharp increase in interest, not only in the world’s media but also in the entertainment industry. Movies and television programs featuring cyber-security issues sometimes resulted in experts appearing as themselves.”
However, in addition to the positive changes of increased public awareness of risk and how to avoid it, 2015 also resulted in some negative outcomes.
“Unfortunately, for many, cybersecurity has become linked to terrorism,” Kollberg said. “Today, attacking and defending internal and external networks, such as the Internet, are subjects of considerable interest to various illegal groups.”
Photo © Dusit