Q2 2018 Security Update: Cyberthreat Watch for Software Developers

Get information on the latest cyberthreats and how ISVs need to respond to protect their clients.

The cyberthreat landscape is always changing, so it’s vital to stay informed of trends that can impact your business. Here are four cybersecurity challenges your clients need solutions for today:

Email Attacks, Phishing and Spear Phishing

Malware delivered via email continues to be a major attack vector. Symantec’s March 2018 Threat Report states the email malware rate rose to 1 in 635 from a January low of 1 in just under 800. Symantec reports that the phishing email rate is now 1 in 2,981.

An emerging threat your clients need to be aware of is spear phishing email content generated by artificial intelligence (AI). MIT Technology Review explains that cybercriminals are using AI to craft believable email messaging, which could increase the likelihood that the specific people they target will interact with the messages or be tricked into providing sensitive information.

Action Items
  • Help your clients educate employees on email best practices
  • Offer solutions that block malicious emails
  • Business size at greatest risk for email malware: medium-sized businesses with 251 to 500 employees
  • Business size at greatest risk for phishing: enterprises with more than 2,501 employees
  • Industries experiencing the most attacks: mining, agriculture, forestry and fishing, finance, insurance and real estate

Malware and Ransomware

According to McAfee Labs’ March 2018 Threat Report, fileless malware attacks (i.e., PowerShell), which can run scripts directly in memory, increased by 432% in 2017. The severity of this cyberthreat is related to the fact that the malware is never copied to a disk, so endpoint security may not have the ability to detect it.

The McAfee report also shows continued growth of ransomware, up 35% in Q4 2017, and new types of attacks, including pseudo-ransomware with a goal of disruption as well as monetary gain.

Q1 2018 began with continued botnet attacks targeting IoT systems, primarily for the purpose of denial of service, and with news of Spectre and Meltdown, widespread vulnerabilities in computer chips that researchers discovered late last year.

Action Items
  • Update your clients’ solutions to respond to new cyberthreats
  • The healthcare industry is a prime target; McAfee reports attacks in this sector increased by 210% in 2017.

EMV and Payment Security Vulnerabilities

EMVCo released EMV adoption statistics for 2017. The U.S., which began its transition to the technology in 2015, trails all other parts of the world at only 41.21% adoption, up from 18.61% in 2016. The U.S. was years behind other regions that transitioned to the chip card technology aimed at combatting card-present card fraud. Most other regions have from 88% to more than 98% adoption of EMV, with the exception of Asia at 54.4%.

Your clients without EMV technology may become targets for card fraud if criminals determine they can use counterfeit mag stripe cards at their establishments. Furthermore, since the liability for fraudulent purchases shifted from issuing banks to merchants if they don’t have EMV-compliant systems, your merchant clients without EMV technology will also receive chargebacks to cover the amount of fraudulent purchases.

Action Items

Emerging Cyberthreat: Cryptocurrency Mining

IBM Managed Security Services (MSS) reports a marked increase in attacks using embedded mining tools hidden in image files, in compromised Joomla or WordPress web servers, or on compromised JBoss Application Servers. Cybercriminals used these schemes to try to mine CryptoNote-based currencies.

The McAfee Labs March 2018 Threat Report explains that by using other people’s computing power, cybercriminals save the cost of a dedicated mining machine. McAfee comments on the growth of this type of attack: “This shift reinforces the point that cybercriminals will always seek to combine the highest returns in the shortest time with the least risk.”

Action Items
  • According to IBM MSS, your clients in these industries are most at risk: manufacturing, financial services, arts and entertainment, information and communication technology, and retail
  • Use best practices to block coin mining domains

For more security news and insights, visit DevPro Journal’s Security resources page.