Some of the key security findings of the past year have raised questions about the way we use the Internet and the types of risks we face, says a spokesperson for Kaspersky Lab ANZ.
2013 saw the continuation of large-scale operations by advanced threat actors, as well as the emergence of specialist ‘for hire’ APT groups focused on hit-and-run operations.
Here is a review of some of the notable incidents that happened this year:
Privacy loss: Lavabit, Silent Circle, NSA and the loss of trust
No IT security overview of 2013 would be complete without mentioning Edward Snowden and the wider privacy implications of his revelations. One of the first visible effects was the shutdown of encrypted e-mail services such as Lavabit and Silent Circle. The reason was their inability to provide such services under pressure from law enforcement and other governmental agencies.
Another story with implications for privacy is the NSA sabotage of the elliptic curve cryptographic algorithms released through NIST.
Cyber-espionage campaigns: up to 1800 victim organisations in 2013
The majority of the cyber-espionage campaigns that Kaspersky Lab’s analysts have seen were designed to steal data from governmental agencies and research institutions, with waves such as Red October, NetTraveler, Icefog and MiniDuke all behaving this way.
The most widespread campaign of the year was the NetTraveler espionage campaign, which affected victims from 40 countries all over the world.
For the first time, cybercriminals harvested information from mobile devices connected to the victims’ networks – a clear recognition of the importance of mobile devices to hackers.
Red October, MiniDuke, NetTraveler and Icefog all started by ‘hacking the human’. They employed spear-phishing to get an initial foothold in the organisations they targeted.
Costin Raiu, Director of Kaspersky Lab’s Global Research and Analysis team, commented that these campaigns “were part of an emerging trend that appeared in 2013 – attacks by small groups of cyber-mercenaries who conduct small hit-and-run attacks. Going forward, we predict that more of these groups will appear as an underground black market for ‘APT’ services begins to emerge.”
Hacktivist activities continue
Hacker group ‘Anonymous’ claimed responsibility for attacks on the US Department of Justice, Massachusetts Institute of Technology and the web sites of various governments. Those claiming to be part of the ‘Syrian Electronic Army’ claimed responsibility for hacking the Twitter account of Associated Press and sending a false tweet reporting explosions at the White House – which wiped $136 billion off the DOW. For those with the relevant skills, it has become easier to launch an attack on a web site than to coordinate real-world protests.
The methods used by cybercriminals to make money from their victims are not always subtle. Apart from Bitcoins, which could potentially be stolen, ‘ransomware’ programs have become a popular means of making easy money – as is the case with the Cryptolocker Trojan.