Posted November 26, 2014
Welcome to the Cyveillance Weekly Trends Report
Since threat intelligence is constantly evolving, we publish this weekly report to keep our customers updated on the latest threats across a variety of industries. You can read an abridged version below. Follow us on Twitter and subscribe to our blog to make sure you don’t miss any of the latest security articles from Cyveillance experts.
- At least they’re consistent: for the 16th consecutive year, the Department of Veterans Affairs failed its annual cybersecurity audit. The investigation sought to find out if the agency was in compliance with the Federal Information Security Management Act (FISMA).
- Microsoft released security updates to address a remote elevation of privilege vulnerability which exists in implementations of Kerberos KDC in Windows. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system.
- The future of DDoS may come from Vietnam, India, and Indonesia. Network World reports that although these countries “might not have the most advanced Internet infrastructure, they do have a large number of insecure smartphones coming online, making them the big botnet sources for next year’s distributed denial of service attacks.” The article further highlights that the attackers’ motivation will, not surprisingly, initially be for financial reasons.
Legal and Regulations
- On November 3, the Federal Financial Institutions Examination Council (FFIEC), an interagency body that prescribes principles and standards for the federal examination of financial institutions, released a set of general observations drawn from a cyber security examination work program conducted at more than 500 community financial institutions during the summer of 2014. The FFIEC’s report relates to both cyber security inherent risk and risk management practices and preparedness and includes themes and questions for management of financial institutions to consider concerning cyber security and preparedness.
- Between July and September, information security company SafeNet counted 320 reported data breaches, an increase of 25% compared to the third quarter of 2013. Those security failures exposed more than 183 million customer accounts. And the retail industry was hit hard. Retailers accounted for 31% of records stolen—57,216,390 data records—in 47 data breach incidents, or 15% of the data breach incidents. The only industry accounting for more breaches and lost records was the financial industry, with 77,605,972 (42%) records.
- Researchers at Recorded Future studied Uroburous, Energetic Bear, and APT28, three main malware families out of Russia being used for cyberspying. Their research indicates China’s cyber-espionage motivations are based on economic objectives, while Russia’s motivations are that they “want to show the world they are strong politically and that energy is incredibly important to them.” Uroburous — the name used by G Data Software AG — is also known as Epic Turla by Kaspersky Lab, Snake by BAE Systems, and SnakeNet, and has been around since at least 2008. Targets include governments, embassies, defense industry, research and education, and the pharmaceutical industry. The initial attack vector is either spear phishing emails or watering hole attacks via phony Flash player updates.
Cyveillance clients get access to the entire Weekly Trends Report, covering all of the above topics and much more. Contact us to find out how we can help your organization.