ICFE eNEWS #15-02 - January 7th 2015
Researchers Release 2015 Cybercrime Predictions and Trends
ESET's Global Research Team Unveils the Top Security Risks in
the Coming New Year
The "ICFE's Certified Identity Theft Risk Management Specialist"
- CITRMS® educational and certification testing program is now in
its eighth year with over 3500 certificants. The main purpose is
to comprehensively prepare and equip law enforcement professionals,
financial planners and CPA's, resolution advocates, notaries, lawyers,
credit and debt counselors, through education, testing and computer
software training, with the knowledge and skills necessary to help
consumers and businesses fully assess and minimize their present
risk of credit and identity theft. All of these professionals -
who are now the front line of defense in the fight against credit
and identity theft for their clients and constituents - will also
have a heightened sense of awareness about this so-called silent
pioneer in proactive protection for more than two decades, has compiled
a summary of the top cybercrime trends and predictions for 2015.
While internet privacy and Android malware dominated the industry
in 2014, an increase of sophisticated cyber attacks and risks associated
with the Internet
of Things and
mobile payments top the list of what ESET expects to see in 2015.
The Rise of Targeted Attacks
will continue to become more sophisticated in 2015. Often referred
to as Advanced Persistent Threats (APT), these attacks are different
from traditional cyber attacks as they target a specific victim
or group. They are often lurk undetected on less secure networks.
"Targeted attacks most commonly take advantage of social engineering
techniques, where psychological manipulation is used to encourage
potential victims into performing actions or divulging confidential
information," said Pablo Ramos, head of the research lab at ESET
Latin America. " Attacks also take the form of zero-day exploits,
where attacks exploit newly discovered vulnerability on a particular
operating system or application."
During 2014, ESET's WeLiveSecurity blog
published a number of comprehensive, technical overviews of targeted
attacks, such as the BlackEnergy
campaign and Operation
More Malware Coming to Mobile Payments
From BitCoin to Apple Pay, this past year saw a wave of innovative
payment methods. But with the arrival of these new technologies,
hackers are eager for a new challenge. The largest known digital
payment attack to date occured in 2014, with a hacker reportedly
harvesting more than $600,000 in Bitcoins and Dogecoins by using
a network of infected machines.
"As users begin to adopt
online payment systems as a means to pay for services and goods,
these systems become more attractive to malware authors interested
in financial gain," continued Ramos.
With U.S. banks adopting
EMV by October 2015 and the growing popularity around tokenization,
banking security is taking a step in the right direction, however
we expect to see new banking-related trojans, ransomware and other
forms of malware.
Internet of Things - New Toys for
As new devices connect to the Internet and store
more data, they also become an attractive attack vector for cybercriminals.
During 2014, we have seen evidence of this growing trend, with attacks
on cars, televisions, biometric systems on smartphones, routers
- not to mention Google glasses.
"The Internet of Things
presents an emerging opportunity for cybercrime and should remain
an area of focus for the security industry," said Camilo Gutierrez,
senior security researcher at ESET Latin America. "While it may
take years to become a serious prevalent threat, we must act now
to better prevent these types of attacks."
published a webinar focused on the
security lessons learned in 2014. This webinar is aimed at helping
businesses align their security procedures with industry best practices
in the coming year.
For more information on security predictions
and trends in 2015, please visit WeLiveSecurity.com.
Since 1987, ESET® has
been developing record
software that now helps over 100 million users to Enjoy Safer Technology.
Its broad security product portfolio covers all popular platforms
and provides businesses and consumers around the world with the
perfect balance of performance and proactive protection. The company
has a global sales network covering 180 countries, and regional
offices in Bratislava, San Diego, Singapore and Buenos Aires. For
more information visit Eset.com or
follow us on LinkedIn, Facebook and Twitter.