pixel_dreams - Fotolia
Security industry warns against mobile threats and cryptocurrency mining
A number of industry threat reports have highlighted the latest problems and areas where resellers need to be providing support to customers
Mobile, sophisticated nation state attacks and malicious crytocurrency mining are some of the threats that customers are looking to the channel to help solve. Looking across a number of threat reports that have come out from the vendor community the pressing issues facing customers have been laid bare.
The idea that threats are rising is generally accepted but the latest reports indicate that the issues customers are dealing with are becoming more complex and the thirst for cryptocurrency means that there could be plenty of compromised PCs out there.
McAfee
with a lot of the tech world focused on the annual Mobile World Congress event the vendor has put the focus on mobile threats. The rate of infestations is not far off doubling year on year with 16m discovered in the third quarter of 2017.
The vendor is taking the view that the best way to protect mobiles is to work with the ecosystem that connects up the devices, networks and the security. The firm pointed to the 5bn worldwide mobile owners as a sizeable base that criminals would go after with expectations that as a result the threats would rise this year.
Using MWC as the platform the firm has deepened its relationships with Samsung, Telefónica, Turk Telecom and McAfee also revealed it had extended its partnership with NTT DOCOMO with the firm adding in the wifi security function into its Anshin Security app.
“It’s crucial for businesses to collaborate in order to tackle the significant increase in security threats. No one company can do it alone. Our partners share our belief that security must be built in from the start and prioritised to canvass all devices and networks," said John Giamatteo, executive vice president, consumer business group, McAfee.
“For consumers, keeping their data and privacy safe is becoming a real concern. They need to be able to trust that the brands they’re buying and the products they’re using are fully equipped to deliver the level of security they need. Our partners are taking proactive measures to do just this.”
CrowdStrike
One of the dangers that enterprises face is that the techniques used in nation state cyber attacks are trickling down into the business world.
The firm's Global Threat Report: Blurring the Lines between Statecraft and Tradecraft includes worrying disclosure that most traditional antivirus products failed to pick up on a lot of the latest threats. Some of the emerging issues will include crypto fraud and supply chain compromises.
“Today, the lines between nation-states and eCrime actors are increasingly blurring, elevating the sophistication of threats to a new level. Actionable threat intelligence and real-time threat data are crucial in empowering better security and executive decisions,” said Adam Meyers, vice president of Intelligence at CrowdStrike.
“With the Global Threat Report, public and private sector organizations can be better informed about the employed tactics, techniques, and procedures and properly allocate the defenses and resources necessary to protect assets that are most at risk," he added.
MalwareBytes
The firm has highlighted the issues around malicious crytocurrency mining with it being the top detected issue since September last year. Although a lot of people don't take the issue that seriously the dangers are there because some of the coin miners are using the same vulnerabilities exposed by other threats like ransomware to get access to user computing power.
"Cryptomining malware provides a good use case for leveraging the size and power of a botnet in order to perform CPU-intensive mining tasks without having to bear the costs incurred in the process. In some aspect, drive-by mining also applies the same concept, except that the botnet of web users it creates is mostly temporary, stated the Malwarebytes' The State of Malicious Cryptomining report.
"While malicious cryptomining appears to be far less dangerous to the user than ransomware, its effects should not be undermined. Indeed, unmanaged miners could seriously disrupt business or infrastructure critical processes by overloading systems to the point where they become unresponsive and shut down. Under the disguise of a financially-motivated attack, this could be the perfect alibi for advanced threat actors," it added.
Fortinet
Each week the vendor puts out a summary of the issues that have dominated the last seven days a but last week also marked the release of its Q4 2017 Threat Landscape Report.
The vendor also highlighted that increasing sophistication of the attacks and gave a reminder that one of the most high profile problems of last year, ransomware, continues to cause problems. There were also some comments about IoT with the firm dwelling on problems that had been found with wifi cameras, with attacks on the products quadrupling.
With the rise in the value of cryptocurrency there has been a parallel increase in the number of attacks on devices that can be used maliciously for mining coins.