{"id":15073,"date":"2015-06-18T16:58:09","date_gmt":"2015-06-18T16:58:09","guid":{"rendered":"http:\/\/kasperskydaily.com\/b2b\/?p=4077"},"modified":"2019-11-15T13:58:12","modified_gmt":"2019-11-15T11:58:12","slug":"business-threats-over-the-year-q1-2014-2015","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.za\/blog\/business-threats-over-the-year-q1-2014-2015\/15073\/","title":{"rendered":"Business Threats over the year: Q1, 2014-2015"},"content":{"rendered":"<p>Kaspersky Lab has just released its <a href=\"https:\/\/securelist.com\/analysis\/quarterly-malware-reports\/69872\/it-threat-evolution-in-q1-2015\/\" target=\"_blank\" rel=\"noopener\">quarterly report on IT threats evolution<\/a>. It\u2019s\u00a0full of woeful figures, showing that threats keep climbing. Judging by dynamics, this trend is here to stay for at least some time. In this post, we take a comparative look at the business-specific threats that Kaspersky Lab\u2019s products users faced in Q1, 2014 through Q1, 2015.<\/p>\n<p><strong>In general it\u2019s bad\u2026<\/strong><\/p>\n<p>According to KSN data, Kaspersky Lab products detected and neutralized a total of 2,205,858,791 malicious attacks on computers and mobile devices in the first quarter of 2015. Twice as much as in Q1, 2014 (1 131 000 866 attacks).<\/p>\n<p>At the same time, compared to <a href=\"https:\/\/securelist.com\/analysis\/quarterly-malware-reports\/59417\/it-threat-evolution-q1-2014\/\" target=\"_blank\" rel=\"noopener\">Q1, 2014<\/a>, there is a sharp, 8.5x drop in the number of new mobile malware installation packages. However, compared to Q4, 2014, there is a 3x growth.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>Business Threats over the year: Q1, 2014-2015 #security<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2FY6Pi&amp;text=Business+Threats+over+the+year%3A+Q1%2C+2014-2015+%23security\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>The number of new malicious mobile programs overall grew from 103 to 110 thousands, while the number of newly detected banking Trojans, perhaps the most dangerous kind of mobile malware, increased from 1,182 to 1,527. However, compared to Q4, 2014, there is 4.4 \u2013 fold decline.<\/p>\n<p><strong>It\u2019s all about money, again<\/strong><\/p>\n<p>The basic trend is the same: cybercriminals are after money, and everything they do has more or less the same purpose \u2013 to reach others\u2019 bank accounts or to steal valuable data.<\/p>\n<p>Banking malware authors seem to have been especially prolific in Q1, 2015: Kaspersky Lab solutions blocked attempts to launch malware capable of stealing money via online banking on the computers of 929,082 users. This figure represents a 64.3% increase compared to the previous quarter (565,515). It\u2019s also\u00a030% more than in Q1, 2014, but roughly the same as in Q2, 2014 (927k).<\/p>\n<p>Banking malware is the most prevalent kind of financial threat in Q1 \u2013 71%. The rest is Bitcoin-related threats and keyloggers.<\/p>\n<p><strong>APTs<\/strong><\/p>\n<p>Kaspersky Lab experts picked a formidable crop of APT campaigns in 2013-2015: those publicly reported in Q1, 2014 and Q1, 2015, are usually discovered before, sometimes even months ahead.<\/p>\n<p>In Q1, 2014 such campaigns as <a href=\"https:\/\/business.kaspersky.com\/an-outlandish-top-10-of-cybersecurity-events-in-2014\/3497\" target=\"_blank\" rel=\"noopener nofollow\">Mask\/Careto and Turla<\/a> were announced. Both are \u201cseasoned data stealers\u201d, with Mask being more business-oriented than Turla \u2013 the latter has mostly governments, intelligence agencies, military and academia entities in its crosshairs, albeit the pharmaceutical industry is also targeted.<\/p>\n<p>In Q1, 2015 more campaigns were made public \u2013 <a href=\"https:\/\/business.kaspersky.com\/mothership-unlocked-the-equation-apt\/3608\" target=\"_blank\" rel=\"noopener nofollow\">Equation<\/a> (espionage), <a href=\"https:\/\/business.kaspersky.com\/the-great-bank-robbery-carbanak-apt\/3598\" target=\"_blank\" rel=\"noopener nofollow\">Carbanak<\/a> (money stealing), <a href=\"https:\/\/business.kaspersky.com\/the-equation-carbanak-desert-falcons-security-analyst-summit-summary\/3637\" target=\"_blank\" rel=\"noopener nofollow\">Desert Falcons<\/a> (espionage), and Animal Farm (espionage, DDoS).<\/p>\n<p>Also a couple of dire Trojans \u2013 Dyreza banker and PoSeidon, a PoS-attacking Trojan, were revealed.<\/p>\n<p><strong>Carbanak stands out<\/strong><\/p>\n<p>This ultra-massive campaign (see this <a href=\"https:\/\/securelist.com\/blog\/research\/68732\/the-great-bank-robbery-the-carbanak-apt\/\" target=\"_blank\" rel=\"noopener\">sizeable report<\/a>) made headlines due to the huge total losses inflicted, up to $1 bn by February \u2013 maybe more since it is still active.<\/p>\n<p>It is the most \u201cmoney-direct\u201d campaign specifically targeting banks \u2013 and the damage is massive. The campaign operators do think outside the box, using all imaginable tricks to infiltrate bank networks, find the proper victim therein, infect it, and then transfer money electronically, or cash out via ATMs, while effectively covering their tracks.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>APT techniques in time get adopted by pettier criminals. #security<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2FY6Pi&amp;text=APT+techniques+in+time+get+adopted+by+pettier+criminals.+%23security\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p><strong>Business and not just that<\/strong><\/p>\n<p>All in all, we see a further increase in numbers of finance-oriented threats, ranging from malware through formidable APT Campaigns. In fact, there\u2019s a blurred line between what should be considered business and non-business threats. The same malware attacks both corporate and individual users, and the same or similar tools are used for both targeted and non-targeted attacks. Both individuals and businesses fall victim to the same banking Trojans and phishing campaigns \u2013 since, in fact, it is people who are ultimately targeted.<\/p>\n<p>APT campaigns may mostly aim at governmental, military, and research organizations \u2013 along with the largest corporations \u2013 but after awhile, the same techniques are adopted by the criminals taking on commercial entities, and not only the large ones.<\/p>\n<p>We have said before that cybersecurity is everybody\u2019s business, and to ensure the efficient protection all kinds of threats should be considered and addressed.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Kaspersky Lab has just released its quarterly report on IT threats evolution. It&#8217;s full of woeful figures, showing that threats keep climbing. Judging by dynamics, this trend is here to stay for a time.<\/p>\n","protected":false},"author":209,"featured_media":15659,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3021],"tags":[2082,499,2302],"class_list":{"0":"post-15073","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-enterprisesec","10":"tag-apt","11":"tag-protectmybiz"},"hreflang":[{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/business-threats-over-the-year-q1-2014-2015\/15073\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/business-threats-over-the-year-q1-2014-2015\/15073\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/business-threats-over-the-year-q1-2014-2015\/8117\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/business-threats-over-the-year-q1-2014-2015\/15073\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.za\/blog\/tag\/enterprisesec\/","name":"#EnterpriseSec"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/15073","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/users\/209"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/comments?post=15073"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/15073\/revisions"}],"predecessor-version":[{"id":24580,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/15073\/revisions\/24580"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media\/15659"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media?parent=15073"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/categories?post=15073"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/tags?post=15073"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}