Secure cellular devices better, improve threat intel against techniques from APT groups
Produced from the observations and findings collated by the global cybersecurity company’s Global Research and Analysis Team (GReAT) this past year coupled with industry and technology trends, the predictions try to provide guidance and insights for the cybersecurity industry and relevant stakeholders in APAC.
Kaspersky releases five key cybersecurity trends to watch out in the Asia Pacific region with 2019 threat review.
More mobile threats
As the quantity of users moving to mobile platforms from regular PCs continues to be growing in the region, the amount of threat actors entering this space follows.
A variety of Android and iOS 0-days were reported in 2019, just like the watering hole spyware discovered on iOS that may get hold of confidential data like iMessage photographs and GPS location.
The interest in compromising mobile platforms with persistence is ever-growing, which is why Kaspersky expects to see more threats when mobile exploits turn into a commodity and the purchase price for it falls.
New techniques and new platforms from known threat actors
In 2019, Kaspersky researchers have observed Advanced Persistent Threats (APT) actors active in this region dealing with new techniques and approaches such as for example using steganography by Ocean Lotus or Developing malware in Nim program writing language by Zebrocy or using malicious LNK files by HoneyMyte.
Researchers also have seen Ocean Lotus with their new iOS malware in 2019. This threat actor has been actively adopting new techniques, which are aimed to complicate malware analysis.
More attacks targeting countries involved with “Belt and Road Initiative (BRI)”
Kaspersky also saw this past year at least a few threat actors targeting countries in the region involved in “BRI” such as for example Ocean Lotus, Lucky Mouse, and HoneyMyte and with an increase of advancements in different areas of this initiative, it’s more likely to see more attacks motivated because of it.
BRI is a programme which aims to hook up China to the world. Announced in 2019, the project aims to link the united states to three continents --- Asia, Africa, and Europe --- through interlinked land and maritime networks. The finish goal is to ramp up trade and financial growth and to boost regional integration.
Supply chain attacks remain one of the largest threats
This past year, researchers from Kaspersky also have uncovered and announced a breach of several software supply chain companies in Asia. Threat actor known as ShadowPad/ShadowHammer is thought to be responsible for this sort of attacks.
Additionally it is worth noting a survey conducted by Kaspersky showed that successful supply chain attacks can cost up to $2.57m normally.
Considering that this group has been mixed up in past many years doing similar attacks on less scale, we expect this actor to continue, and also other groups to go into this segment. Kaspersky expects to see more reports of software supply chain companies being compromised.
Olympic Games in Japan
It has almost turn into a tradition to run politically motivated attacks through the Olympic Games. With high political tension in lots of parts of the world, we will expect one or even several independent attacks to occur through the upcoming Olympic Games in Tokyo.
Source: www.deccanchronicle.com