Cyber threats could put lives at risk, Q2 2015 report explores

Trend Micro's Q2 2015 threat report hit on several issues in the security space, including those that pose an actual physical threat to the public, a string of powerful attacks on government entities and an increase in attacks by lone wolf operators.

The report credited hackers with becoming even more innovative by utilizing not only well-known technologies, but also some unusual methods.

While several high-profile attacks took place during the quarter – the Internal Revenue Service in May and the U.S. Office of Personnel Management system in June – the report pointed to many attacks that could be life-threatening. The report singled out an incident in May when researcher Chris Roberts alleged that he hacked into an airplane through its entertainment system while in flight and increased the engine speed.

“This quarter demonstrated that the potential damage caused by cyber attacks extends far beyond a simple software bug to hacks of airplanes, smart cars and television stations,” said Raimund Genes, Trend Micro's CTO, in a written report.

Trend Micro also saw a large increase in the number of Domain Name System (DNS) changer detections in Brazil, up from 14 percent in the first quarter of this year to 81 percent in the second quarter. At the same time, DNS changer detections in the U.S. dropped to two percent in Q2 2015 from 17 percent in Q1.

DNS attacks on home networks are particularly worrisome, Trend Micro noted, because attackers who gain control of vulnerable routers gain visibility on all of the devices connected to them, as well as all of the information they relay.

One type of attack that may have fallen slightly out of favor with cyber criminals is point-of-sale (PoS) malware. Trend Micro detected only 183 instances during the second quarter of the year, down from 259 detections in the previous quarter.

“The slight decline in PoS malware detections could be due to the threat reaching its saturation point,” the report stated.

Although attacks by a single individual may not have been as lucrative as those run by larger groups, Trend Micro pointed out that lone operators can cause issues regionally using PoS and ransomware attacks. Making the company's list were Frapster, a Canadian operator who Trend Micro said stole and sold personal information, and Lordfenix, a Brazilian who sold banking malware.

While the bad guys did make life hard for security officials, the report pointed to several successful law enforcement efforts.

“In a public-private partnership Trend Micro, the FBI, Europol, the US Department of Homeland Security (DHS), and other security vendors took part in taking down a longstanding botnet operation known as 'Beebone' this April,” the report said. “Beebone malware, which we detect as VOBFUS variants, are polymorphic malware created to download other malware.”
