Posted December 23, 2014
Welcome to the Cyveillance Weekly Trends Report
Since threat intelligence is constantly evolving, we publish this weekly report to keep our customers updated on the latest threats across a variety of industries. You can read an abridged version below. Follow us on Twitter and subscribe to our blog to make sure you don’t miss any of the latest security articles from Cyveillance experts.
Legal and Regulations
- The National Institute of Standards and Technology (NIST) recently released an update on its Framework for Improving Critical Infrastructure Cybersecurity (The Framework). The Framework was first issued in February 2014 as a voluntary risk-based program to enable owners and operators of U.S. critical infrastructure to assess and remediate their cybersecurity risks. NIST welcomes ongoing feedback via email at firstname.lastname@example.org. It is soliciting input as to how organizations are using the Framework, and requesting specific suggestions for improvement and for possible outreach activities.
- In early November, the FBI and Europol announced ‘Operation Onymous‘ – a joined-up international law enforcement action which saw the take-down of hundreds of dark markets on anonymous networks like Tor. These websites – which included Silk Road 2.0 – were selling illegal goods including weapons, drugs and hacker tools. However a report recently uncovered by SCMagazineUK.com sheds some doubt on how effective this action has been, with most darknet sellers, advertisers and buyers moving onto new – or undisturbed – market places.
- Holiday shopping is up 15% from last year to $42.5 billion, according to a new comScore report. At least $1 billion of those figures came from online desktop sales. Additionally, retail cyber security remains a priority for companies in light of data breaches at Target, Home Depot, Neiman Marcus and others in the past couple years. Chief Information Security Officers (CISO) positions have become more common in retail companies’ senior leadership teams.
- The experts from Kaspersky Lab’s Global Research and Analyst Team have compiled a list of top emerging threats in the APT world for 2015 which includes fragmentation of largest APT groups, targeting executives through hotel networks, enhanced evasion techniques, and new methods to exfiltrate data. APT groups will evolve to become stealthier and sneakier, in order to better avoid exposure.