2015 Cybercrime Primer – Knowledge Means Protection

Here’s an easy primer with predictions from security labs to keep you informed about what to expect this year in cyber threats.  There is no reason to become fearful.  Simply become smarter about how you use the internet.

Cyber Espionage

Cyber espionage attacks will continue to increase in frequency during 2015.

Long-term players will become stealthier information gatherers.
Sophisticated cybercriminals will shift from quick attacks to intelligence gathering.
Newcomers will look for ways to steal money and disrupt their adversaries.

Types of cyber espionage actors:

State-affiliated – 87%

Organized crime – 11%

Competitor – 1%

Former employee – 1%

The Internet of Things

The Internet of Things (IoT) is the network of physical objects or “things” embedded with electronics, software, sensors and connectivity to enable it to achieve greater value and service by exchanging data with the manufacturer, operator and/or other connected devices.

Each thing is uniquely identifiable through its embedded computing system but is able to inter-operate within the existing Internet infrastructure.

Attacks on Internet of Things devices will increase rapidly due to hypergrowth in the number of connected objects, poor security hygiene, and the high value of data on IoT devices.

Over 50 billion global Internet-connected devices by 2019.

Attacks against IoT devices are already commonplace.

• IP cameras.

• smart meters.

• healthcare devices.

• SCADA devices

Note: SCADA (supervisory control and data acquisition) is a category of software application program for process control, the gathering of data in real time from remote locations in order to control equipment and conditions.


Data privacy will remain under threat as governments and businesses grapple with what is fair and authorized access to personal information.

Antiquated role-based systems and password schemas will fail and be taken over by those with malicious intent.

There will be an ever-increasing creep in the scope of data privacy rules and regulations.

Biometrics and IDs in context will be key areas for innovation and likely the best indicators of presence and intent.


Ransomware will evolve its methods of propagation, encryption, and targets.

The total number of ransomware samples in one of the security lab’s zoo surpassed 2 million in Q3 2014.

Ransomware will target endpoints that subscribe to cloud-based storage services, attempting to exploit the stored credentials of logged-on users to also infect data backed up to the cloud.

Security companies observed the theft of $255,000 in a single month in one CryptoLocker ransomware instance.


We expect the technique of ransomware targeting data backed up to the cloud to be repeated in the mobile space.

Mobile attacks will continue to grow rapidly as new technologies expand the attack surface and app store abuse goes unchecked.

The adoption of near-field communication (NFC) for digital payments from mobile devices will attract cyberthieves.

Expect a rise in ransomware targeting mobile devices using virtual currency as the ransom payment method.

Untrusted app stores will be a major source of mobile malware, driven by “malvertising”.

The growing availability of malware-generation kits and source code will make it easier for cybercriminals to target mobile devices.

Mobile malware samples grew by 16% this quarter and 112% in the past year.

The total number of mobile malware samples exceeded 5 million in Q3 2014.

Malware Beyond Windows

22,487 Attacking IP Addresses

In the first four days after announcement, Shellshock related attacking IP addresses totaled 22,487.  “Shellshock”  is a bug, more correctly termed, ‘vulnerability’, that potentially allows attackers to gain control over targeted computers.

Devices such as routers, TVs, industrial controllers, flight systems, and critical infrastructure could  contain this vulnerability.

Attackers will capitalize on Shellshock by ex-filtrating data, holding systems ransom, and assimilating spam bots.