{"id":15043,"date":"2014-12-23T17:00:16","date_gmt":"2014-12-23T17:00:16","guid":{"rendered":"http:\/\/kasperskydaily.com\/b2b\/?p=3461"},"modified":"2020-02-27T03:52:22","modified_gmt":"2020-02-26T16:52:22","slug":"attacks-towering-the-number-of-corporate-targets-increased-2x-in-2014","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.au\/blog\/attacks-towering-the-number-of-corporate-targets-increased-2x-in-2014\/15043\/","title":{"rendered":"Attacks towering: the number of corporate targets increased 2x in 2014"},"content":{"rendered":"<p>Among the key events that <a href=\"https:\/\/www.kaspersky.com\/about\/news\/virus\/2014\/Kaspersky-Lab-number-of-corporate-sector-targets-in-2014-has-more-than-doubled-since-2013\" target=\"_blank\" rel=\"noopener nofollow\">defined the threat landscape of 2014<\/a>, targeted attacks and malicious campaigns stand out, particularly in terms of their scale and impact on businesses, governments, public and private institutions. Over the last 12 months, our Global Research and Analysis Team (GReAT) reported seven advanced persistent cyber-attack campaigns (APTs). Between them, these accounted for more than 4,400 corporate sector targets in at least 55 countries worldwide. This year also saw a number of fraud campaigns that resulted in losses totaling millions of dollars. The number of victims affected by targeted attacks in 2014 is 2.4 times that of 2013. A thought-provoking figure, is it not?<\/p>\n<blockquote class=\"twitter-pullquote\"><p>Attacks towering: the number of corporate targets increased 2x in 2014<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2FV3Bo&amp;text=+Attacks+towering%3A+the+number+of+corporate+targets+increased+2x+in+2014\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>Cyberespionage APT campaigns, as well as fraud operations, were of special note this year, with a growing number of large-scale APT campaigns discovered.<\/p>\n<p>Kaspersky Lab has recently launched a new interactive <a href=\"https:\/\/apt.securelist.com\/\" target=\"_blank\" rel=\"noopener\">\u201cLogbook\u201d<\/a> of APT campaigns featuring ongoing campaigns and those that cease to exist.<\/p>\n<p style=\"text-align: center;\">\n<\/p><p>There are 13 active APT campaigns, 3 more ceased activities earlier this year, and 8 had been publicized in 2014:<\/p>\n<ul>\n<li><a href=\"https:\/\/securelist.com\/blog\/events\/58238\/a-glimpse-behind-the-mask\/\" target=\"_blank\" rel=\"noopener\">Careto\/Mask<\/a><\/li>\n<li><a href=\"https:\/\/business.kaspersky.com\/miniduke-is-back\/2189\" target=\"_blank\" rel=\"noopener nofollow\">Miniduke<\/a>\/<a href=\"https:\/\/securelist.com\/blog\/incidents\/64107\/miniduke-is-back-nemesis-gemina-and-the-botgen-studio\/\" target=\"_blank\" rel=\"noopener\">CosmicDuke<\/a><\/li>\n<li><a href=\"https:\/\/business.kaspersky.com\/crouching-yeti-got-caught-anyway\/2309\" target=\"_blank\" rel=\"noopener nofollow\">Energetic Bear\/Crouching Yeti<\/a><\/li>\n<li><a href=\"https:\/\/business.kaspersky.com\/epic-turla-catching-the-reptiles-tail\/2350\" target=\"_blank\" rel=\"noopener nofollow\">Epic Turla<\/a> (<a href=\"https:\/\/business.kaspersky.com\/no-penguin-left-behind-epic-turla-apts-linux-component-discovered\/3435\" target=\"_blank\" rel=\"noopener nofollow\">with late additions<\/a>)<\/li>\n<li><a href=\"https:\/\/securelist.com\/blog\/research\/66108\/el-machete\/\" target=\"_blank\" rel=\"noopener\">El Machete<\/a><\/li>\n<li><a href=\"https:\/\/business.kaspersky.com\/the-dark-story-of-darkhotel\/2829\" target=\"_blank\" rel=\"noopener nofollow\">Darkhotel<\/a><\/li>\n<li><a href=\"https:\/\/securelist.com\/blog\/research\/67741\/regin-nation-state-ownage-of-gsm-networks\/\" target=\"_blank\" rel=\"noopener\">Regin<\/a><\/li>\n<li><a href=\"https:\/\/business.kaspersky.com\/partly-cloudy-october-a-spiritual-successor-to-redoctober-apt-revealed\/3428\" target=\"_blank\" rel=\"noopener nofollow\">Cloud Atlas<\/a><\/li>\n<\/ul>\n<p>Some of these are reincarnations of older threats. Regin and Darkhotel have been active since the first half of the 2000s, which makes them the oldest known APTs \u2013 even older than Stuxnet. Although its authors had largely been considered the openers of a Pandora\u2019s box full of cyber-weaponry, the box had been opened before.<\/p>\n<p>Overall, in 2014, organizations in at least 20 sectors were hit by advanced threat actors. The sectors include the public sector (government and diplomatic offices), energy, research, industrial, manufacturing, health, construction, telecoms, IT, private sector, military, airspace, finance and media, among others. This is the face of cyber-espionage today, and it\u2019s not hard to imagine how much sensitive data is leaking due to APT groups\u2019 activities.<\/p>\n<p>Speaking of leaks, the overall damage caused by <a href=\"https:\/\/business.kaspersky.com\/with-the-doors-wide-open-yet-another-sony-megahack\/3408\" target=\"_blank\" rel=\"noopener nofollow\">the huge hack of Sony Pictures<\/a> is not yet known, but it\u2019s already clear it will be drastic. It was a narrowly targeted attack, probably with some grudges as the criminals\u2019 primary motive, but that has yet to be established or disproved. For now, what is known is that more than 11 TB of data were leaked, including movie scripts, executives\u2019 and producers\u2019 emails, a lot of dirty laundry for tabloids to gnaw upon and \u2013 what is especially troubling \u2013 troves of personally identifiable data of more than 6,000 Sony Pictures Entertainment employees.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>Sony Pictures #hack looms menacingly over 2014. Hopefully, it\u2019ll be a wake-up call #enterprisesec<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2FV3Bo&amp;text=Sony+Pictures+%23hack+looms+menacingly+over+2014.+Hopefully%2C+it%26%238217%3Bll+be+a+wake-up+call+%23enterprisesec\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>Also, this year was marked with a few cases of large-scale fraud resulting in the theft of millions of dollars and euros. These attacks were not just against banks, but ATMs as well. Next year, Kaspersky Lab\u2019s experts expect to see further evolution of these ATM attacks, where APT techniques are used to gain access to the \u201cbrains\u201d of cash machines. The next stage will see attackers compromising the networks of banks and using that level of access to manipulate ATM machines in real-time.<\/p>\n<p style=\"text-align: center;\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/102\/2014\/12\/06020234\/attacks_wide-1.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-3463\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/102\/2014\/12\/06020234\/attacks_wide-1.jpg\" alt=\"attacks_wide\" width=\"1000\" height=\"666\"><\/a><\/p>\n<p>A detailed overview of 2014 in security, as well as predictions by Kaspersky Lab\u2019s experts is available <a href=\"https:\/\/securelist.com\/analysis\/kaspersky-security-bulletin\/68052\/kaspersky-security-bulletin-2014-malware-evolution\/\" target=\"_blank\" rel=\"noopener\">here<\/a>.<\/p>\n<p>We highly recommend you watch this fancy video below.<\/p>\n<p style=\"text-align: center;\"><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe class=\"youtube-player\" type=\"text\/html\" width=\"640\" height=\"390\" src=\"https:\/\/www.youtube.com\/embed\/eh3IdYR3hg0?version=3&amp;rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent\" frameborder=\"0\" allowfullscreen=\"true\"><\/iframe><\/span><\/p>\n<p>So, criminals are increasingly targeting corporate entities \u2013 2.4 times growth this year, compared to 2013. What does it mean?<\/p>\n<p>First of all, criminals are looking for more direct access to money, which is a much-discussed trend. Not only money, though: Targeted APT attacks are launched in order to extract sensitive and valuable information from businesses in all industries imaginable. The situation will only become more and more tense, since it is very likely that \u201ccommon\u201d <a href=\"https:\/\/business.kaspersky.com\/the-crystal-ball-of-facts-2015-apt-predictions\/3417\" target=\"_blank\" rel=\"noopener nofollow\">cybercriminals will increasingly adopt APT tactics<\/a>. So we\u2019ll definitely hear more about APTs next year.<\/p>\n<p>Finally, the criminals\u2019 successes are the victims\u2019 security shortcomings. Sony Pictures\u2019 hack is especially indicative of this: super-secret passwords in a super-secretive folder \u201c\/Passwords\u201d. But it\u2019s wishful thinking to assume Sony Pictures is the only entity whose IT staff made mistakes that big, no matter the industry. Hopefully this serves as a wake-up call for the people responsible for IT security in their companies and organizations.<\/p>\n<p>For a more detailed overview of 2014 please refer to <a href=\"https:\/\/securelist.com\/analysis\/kaspersky-security-bulletin\/68052\/kaspersky-security-bulletin-2014-malware-evolution\/\" target=\"_blank\" rel=\"noopener\">Securelist<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The number of corporate-targeting attacks increased this year more than two times compared to 2013. Why?<\/p>\n","protected":false},"author":209,"featured_media":15800,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,2994],"tags":[2268,2269,282],"class_list":{"0":"post-15043","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-apt-campaigns-in-2014","10":"tag-banking-security","11":"tag-cybersecurity"},"hreflang":[{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/attacks-towering-the-number-of-corporate-targets-increased-2x-in-2014\/15043\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/attacks-towering-the-number-of-corporate-targets-increased-2x-in-2014\/15043\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/attacks-towering-the-number-of-corporate-targets-increased-2x-in-2014\/15043\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.au\/blog\/tag\/apt-campaigns-in-2014\/","name":"APT campaigns in 2014"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/15043","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/users\/209"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/comments?post=15043"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/15043\/revisions"}],"predecessor-version":[{"id":26609,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/15043\/revisions\/26609"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/media\/15800"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/media?parent=15043"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/categories?post=15043"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/tags?post=15043"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}