UPDATED 02:02 EDT / JANUARY 19 2015

Kaspersky Lab Founder Eugene Kaspersky NEWS

Corporations were twice as vulnerable in 2014 as in the previous year

Kaspersky Lab Founder Eugene Kaspersky

Kaspersky Lab presented an overview of key events that characterized cyber threats in 2014. Among the incidents analyzed some stand out for size and impact are attacks and malicious campaigns that targeted companies, governments, public and private institutions.

In the last 12 months, the Global Research and Analysis Team of Kaspersky reported seven advanced campaign-oriented cyber attacks that affected more than 4,400 corporate targets in at least 55 countries. The number of victims who suffered targeted attacks in 2014 is also 2.4 times greater than in 2013, when the security lab identified 1,800 corporate targets.

Advanced cyber espionage

Several security incidents, targeted attacks and malicious campaigns were highly acclaimed due to their magnitude and impact. In 2014, companies in more than 20 industries were affected by advanced threats. Among the areas affected: public administration (government and diplomatic offices), energy, research, industry, manufacturing, health, construction, telecommunications, IT, military, aviation, finance and media.

Criminal operators of computer espionage stole passwords, files and audio content, made screenshots, monitored webcams and much more. Presumably, in most cases the attacks were perpetrated by criminals sponsored by states such as the Mask/Careto and Regin campaigns. In other cases it was groups of professional criminals who organized cyber attacks (often using amusing names): HackingTeam 2.0, Darkhotel, CosmicDuke, Epic Turla and Crouching Yeti.

Regin was the first platform of attack known for its ability to penetrate and monitor GSM networks, used by mobile phone networks, in addition to the functions of standard espionage.

The Darkhotel attack aimed at high profile personalities in the corporate sector including CEOs, senior vice presidents, directors of sales and marketing and R&D managers. It hit the victims during their stays in luxury hotels around the world and used compromised in-house Wi-Fi to steal sensitive information.

malware-297722_640Software are in bad shape

The year 2014 also saw a number of fraud campaigns targeted at popular browsers and add-ons common to corporate users. Cybercriminals have focused exclusively on the theft of money from the end users.

These attacks were aimed primarily against governmental bodies such as embassies, intelligence and military installations. The majority of the institutions struck were located in Europe or the Middle East.

In June 2014, the Kaspersky Lab team presented the results of the research on an attack targeting customers of a major European bank and resulting in the theft of half a million euros in a week. In August, hundreds of IP addresses from over 45 countries were affected, according to Kaspersky. In October, another attack occurred on vending machines (ATMs) in Asia, Europe and Latin America resulting in millions of dollars of losses all over the world.

“One of the most effective ways to deliver malware to user computers is to exploit vulnerabilities in Oracle Java and in browsers such as Explorer, Mozilla Firefox, etc. In addition, cybercriminals continue to use exploits for Adobe Reader vulnerabilities. Each year we see how cyber-criminals are creating more inventive ways of luring in their victims,” explained Maria Garnaeva, security expert at Kaspersky Lab’s Global Research and Analysis Team.

Mobile malware

According to Kaspersky, the number of mobile malware apps also increased dramatically in 2014. The company recorded 70,000 new instances of malware in the year 2014 as compared to 2013. More than 90 percent of these apps were written for Android OS.

In addition, SMS Trojans–especially mobile banking Trojans–were popular with malware authors. The company recorded 7,000 such malware of this kind during 2014.

Together with a Malwarebytes, the Kaspersky security team discovered the first Android Trojan that used the Tor anonymizing network itself to penetrate corporate network.

photo credit: marsmet548 via photopin cc; and via Pixabay

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU