Reader Advisory

Some articles posted in The SlickMaster's Files may contain themes, languages, and content which may neither appropriate nor appealing to certain readers. READER DISCRETION is advised.

Tuesday, March 03, 2020

Kaspersky warns APAC on several cyber threats looming this year

02/27/2020 03:32:59 PM

Cybersecurity brand Kaspersky has recently revealed its five trends to watch out in the Asia-Pacific region.


As the new year and a new decade opened nearly two months ago, an increase in mobile malware and cybercriminals groups exploiting mobile devices and known threat groups using new attack methods and tools are expected to take place. 

Derived from the observations and findings collated by the global cybersecurity company’s Global Research and Analysis Team (GReAT) last year combined with industry and technology trends, the predictions aim to provide guidance and insights for the cybersecurity industry and relevant stakeholders in APAC.

More mobile threats

As more cyber users are using mobile devices, cybercriminals also focus on them. In fact, several different Android and iOS 0-days were reported last year, like the watering hole spyware discovered on iOS which can get hold of confidential data like iMessage photos and GPS location. The interest in compromising mobile platforms with persistence is continuous to grow, which is why Kaspersky expects to see more threats when mobile exploits become a commodity and the price for it goes down.

“Mobile users in the Asia Pacific remain vulnerable to social-engineering which is up to this time one of the most common attack vectors. Common users are often tricked by online scams, automated dialers, sextortion attempts, and free online services offering free streaming video, which often come with a hidden in-browser cryptocurrency miner,” says Vitaly Kamluk, Director for Global Research and Analysis Team (GReAT) the Asia Pacific at Kaspersky.

New techniques and new platforms from known threat actors

The previous year saw Kaspersky researchers exposing the Advanced Persistent Threats (APT) actors active in this region taking on new techniques and approaches such as using steganography by Ocean Lotus or Developing malware in Nim programming language by Zebrocy or using malicious LNK files by HoneyMyte. Aside from that, they have seen Ocean Lotus with their new iOS malware in 2019, with threat actor being active in adopting new techniques, that complicates malware analysis on purpose.

More attacks targeting countries involved in “Belt and Road Initiative (BRI)”

Also, the worldwide-recognized cybersecurity firm discovered there were at least a few threat actors targeting countries in the region involved in “BRI '' such as Ocean Lotus, Lucky Mouse, and HoneyMyte and with more advancements in different aspects of this initiative, it’s likely to see more attacks motivated by it.

The Belt and Road Initiative is defined as a program that aims to connect China to the world. Announced in 2019, the project aims to link the country to three continents of Asia, Africa, and Europe through interlinked land and maritime networks, with its end game objective, to ramp up trade and economic growth and to boost regional integration.

Supply chain attacks remain one of the largest threats

Also, in the said timeframe, Kaspersky researchers saw a breach of software supply chain companies in Asia, with a threat actor known as ShadowPad/ShadowHammer, believed to its culprit. It is also worth noting that a Kaspersky-conducted survey showed that successful supply chain attacks can cost as much as $2.57m on average.

Given that this group has been active in the past several years doing similar attacks on a lower scale, Kaspersky expects this actor to continue, and also other groups to move into this segment. With all that said, the antivirus and anti-malware company keeps an eye to potential reports of software supply chain companies being compromised.

Olympic Games in Japan

Politically-motivated attacks usually take place even during the Olympic Games, and it can be more prevalent with all the high-political tension in many regions of the world. That said, several independent attacks may, unfortunately, take place in time for the upcoming Olympic Games in Tokyo, Japan. 

“With its developed countries at the forefront of 5G technology and Industry 4.0 and its emerging economies with hyper-online and highly mobile and young population, Asia Pacific is definitely at the center of the new technologies and trends that will define the new decade. These truths combined with the geopolitical structure of the region will definitely shape its landscape in the region. Organizations and individuals can use our predictions to guide them better in their decision-making especially when it comes to boosting their cybersecurity habits and culture,” comments Stephan Neumeier, Managing Director for the Asia Pacific at Kaspersky.

The predictions have been developed based on Kaspersky threat intelligence services from around the world. The full list of Kaspersky Threat Predictions for 2020 is available on Securelist.com.

This list of predictions is a part of the Kaspersky Security Bulletin (KSB) - annual series predictions and analytical articles on key changes in the world of cybersecurity.

Author: slickmaster | © 2020 The SlickMaster's Files

No comments:

Post a Comment

Feel free to make a comment as long as it is within the bounds of the issue, and as long as you do it with decency. Thanks!