The threat landscape in 2014: epidemics followed by targeted attacks

Kaspersky Lab published a survey entitled “The threat landscape: A practical guide from the Kaspersky Lab experts“. The survey focuses on businesses, which are now becoming the main objects of

Kaspersky Lab published a survey entitled “The threat landscape: A practical guide from the Kaspersky Lab experts“. The survey focuses on businesses, which are now becoming the main objects of cybercriminals’ interest.

Over the past decade the threat landscape has significantly changed. Massive epidemics of viruses and worms are already in the past. The focus has shifted from cybervandalism, with the intention of making a show with millions of affected victims, towards making money. Actually, the attackers started working with greater stealth and precision, paying more attention to commercial organizations than end users.

Today the world is ruled by exploits, designed for targeted activities by Trojans seeking to discreetly steal personal data (billing information is the grand prize) from other people’s computers by rootkits and bootkits – the most dangerous types of malware to date. Trojans are particularly used to create botnets of infected computers, which are employed to send spam (including spam containing malicious codes) and launch DDoS attacks. Kaspersky Lab’s survey specifies that DDoS attacks at commercial organizations are often used as a means of intimidation to threaten you with serious consequences if you do not pay the required money.

Massive epidemics of viruses and worms are already in the past, attackers have started working with greater stealth and precision, paying more attention to commercial organizations than end users.

Trojans comprise a newfangled breed of extortionist malware (ransomware), which disables a user’s machine or encrypts all the data on it and demands ransom for unlocking and decrypting it. As with the world’s offline extortionists, compliance to their rules does not guarantee that the criminals will uphold their end of the deal.

“Until a few years ago, most epidemics involved worms that hijacked the mail system to distribute themselves proactively, harvesting additional contacts from infected machines as they spread. Now, increasing numbers of malicious programs are being deliberately spammed to victim machines, allowing author(s) to control the distribution of their code to a targeted PC population, rather than letting it spread ‘at will’, the survey states.

Such targeted populations often consist more and more of commercial companies’ computers. More details are given in Kaspersky Lab’s new report here.

Tips