Companies are increasingly falling victim to cyber-attacks, an IT security product firm says. According to a recent survey by Kaspersky Lab and B2B International, 91 per cent of organisations have suffered a cyber-attack at least once in last 12 months, while 9 per cent were the victims of targeted attacks – carefully planned activity aimed at infecting the network infrastructure of a specific organisation. And these are just estimates. The extensive use of digital devices in business has created ideal conditions for cyber espionage and the deployment of malware capable of stealing corporate data. The potential is so great that malicious programs may soon completely replace company insiders as the way of gathering information.
The main corporate findings of the year:
· spyware-led attacks related to various governments were revealed;
· most cyber criminal incidents were aimed at stealing information;
· attacks on contractors were identified, instead of reaching big organisations;
· new actor on the APT stage appeared: cyber mercenaries conducting cyber espionage on demand.
Attackers’ goals
2013 saw some major disclosures about spyware-led attacks that were related, directly or indirectly, to the activities of various governments’ agencies. Other significant actors on the corporate cyber threat scene were businesses that turned to cybercriminals to penetrate their competitors’ networks.
Outsourced cyber-criminal forces performed operations that were usually aimed at stealing information
Vitaly Kamluk, Principal Security Researcher of Kaspersky Lab’s Global Research and Analysis Team, comments, “Mass distribution of malicious programs can affect any company, even a small commercial organisation, resulting in the loss of money and intellectual property. Cybercriminals are continuously improving their malware, using unconventional approaches and solutions, from so-called encryptors and shredders that spread like the plague in a corporate environment, to an army of zombies that devours every available resource on web servers and data transfer networks. In 2013 we also fixed the first case of targeting supply chains – not being able to reach big organisations, cybercriminals get their ‘weak point’, compromising contractors, as in the Icefog attacks.”
The rise of the cyber mercenaries
Over the past few years, Kaspersky Lab have observed big and noisy APT gangs all over the world targeting large numbers of organisations from almost all sectors. They stayed in compromised networks for weeks and even months at a time, stealing every shred of information they could get. However, that approach stands less and less chance of going unnoticed for long, damaging their prospects of success. That’s why a new emerging trend is witnessed: small hit-and-run gangs that attack with surgical precision. They appear to have good knowledge of what they need from the victims. Basically, this kind of attacker comes along, steals what they want and leave. Kaspersky Lab’s experts have named them “cyber mercenaries” – an organised group of people conducting cyber espionage/cyber sabotage activities on demand, following the orders of anyone who pays them.
Icefog
Consequences of government-related disclosures
The infamous disclosures of 2013 could potentially lead to a kind of de-globalisation and greater interest in creating national equivalents of global services. Those new national software products and services delivered by local manufacturers may not be of the same quality as those of the larger international companies. The investigation of cyber-attacks suggests that the smaller and less experienced the software developer is, the more vulnerabilities will be found in its code. As a result targeted attacks become easier and more effective.
The full report is available on securelist.com
Expert opinion on 2013’s corporate threats – watch video.