table of contents1.0 Executive Summary…………………………………………………………………………………22.0 Scammers will continue to run profitable ransomware scams…………………32.1 Description of Threat2.
2 Nature ofThreat2.3 Mitigationof Threat2.4 Conclusion3.0 2. Distributed denial-of-service (DDoS) willcontinue to rise as a threat…. 43.1 Descriptionof Threat3.
2 Nature ofThreat3.3 Mitigationof Threat3.4 Conclusion4.0 TextReferences 1.0 Executive Summary In thisreport, I will be writing about the internet security threats listed under the”The Threat Landscape in 2014 and Beyond: Symantec and Norton Predictions for2015, Asia Pacific & Japan”Over theyears the battle between those wanting to create new threats and exploitvulnerabilities and those that want to protect against them are very likely tointensify. Growth in the Internet of Things also means people will be moreconnected—and with this connectivity comes the potential for even more securityrisks.Will theInternet of Things invite a whole new wave of security attacks?The two threatsI have chosen to write about are;1.
Scammerswill continue to run profitable ransomware scams. Why this is so being attackershave developed their techniques while enterprises in all sectors have failed topatch out critical security loopholes. So many businesses are vulnerable because they’ve failed to implementthe necessary security precautions, including offline backups. Everyone movedaway from offline backups with it being slow and such. Nowadays, with cloud andonline backups, people have totally neglected it. Therefore, if your PC is caught,what other choice do you have but to pay the ransom to get access back to it. 2.
Distributeddenial-of-service (DDoS) will continue to rise as a threat.Once the realm of boredteenagers engaging in some wanton cybervandalism, they are now a favourite toolof career cybercriminals, hacktivists, and even nation states.With the availability ofready to use DDoS tools that can be found online it’s no surprise that DDoS isso popular and widely executed. The advancement of the Internet ofThings is making millions of poorly secured devices available to be roped intobotnets too. 2.0 Threat one: Scammerswill continue to run profitable ransomware scams.
2.1 Description of ThreatAccording toSymantec’s Internet Security Threat Report, ransomware attacks grew by 500% andturned vile in the latter part of 2013. This growth was largely due to thesuccess of Ransom crypt, commonly known as Crypto locker. This aggressive formof ransomware made up 55 percent of all ransomware in the month of Octoberalone.How thisthreat works is by encrypting a user’s files and then proceed to request aransom for the files to be unencrypted and returned to the user. Ransomwarecauses even more damage to businesses where not only the victims’ files areencrypted but also files on shared or attached network drives. Recentlyransomware makers have started leveraging using online and electronic paymentsystems such as Bitcoins, Webmoney, Ukash, to get around the challenge of peoplenot being to pay for ransom fee. Crooks like the relative anonymity andconvenience of electronic payments and these are already readily available, evenmore so with the growth of the IOT posing a greater risk for enterprises andconsumers from losing data, files or memories.
2.2 Natureof ThreatFirst, what isransomware? Ransomware is a type of malicious software that inhibits useraccess to files or systems, holding files or entire devices hostage usingencryption until the victim pays a ransom in exchange for a decryption key, whichgives the user access back to the files or systems encrypted by the program.Ransomwarehas been an outstanding threat to enterprises, SMBs, and individuals alikesince the mid-2000s. In fact, there were more than 7,600 ransomware attacksreported to the Internet Crime Complaint Centre (IC3) between 2005 and March oflast year, outnumbering the just over 6,000 data breaches reported during thesame time. In 2015, IC3 received 2,453 ransomware complaints that cost victimsover $1.6 million.
The firstknown attack was initiated in 1989 by Joseph Popp, PhD, an AIDS researcher, whocarried out the attack by distributing 20,000 floppy disks to AIDS researchers,claiming that the disks contained a program that analysed an individual’s riskof acquiring AIDS using a questionnaire. However, the disk also contained amalware program that initially remained dormant in computers, only activatingafter a computer was powered on 90 times. After the 90-start threshold wasreached, the malware activated and a message demanding a payment of $189 and$378 for a software lease.
This ransomware attack became known as the AIDSTrojan, or the PC Cyborg.