Cross-business cooperation to stamp out cybercrime in 2014

Cooperation between global corporations will help stamp out cybercrime gangs in 2014 as firms work together to eradicate similar campaigns and put paid to gangs working against businesses across the world.

FireEye’s top security predictions for 2014 show that an increase in the amount of time spent talking to other companies with similar problems will help to identify cybercrime gangs and then shut them down.

The team at FireEye identified 15 trends it expects in 2014. One of the other headline predictions is a decrease in Java zero-day exploits during the year, a decline that already started in 2013.

“Despite the comparative ease of Java exploit development, the frequent release of new Java zero-day exploits stopped after February 2013. The reason is unclear, but may be due in part to security warning pop-ups in Java 1.7 or increased attention from white-hat security researchers. Another possibility: too few people are using vulnerable versions of Java, giving exploit authors little incentive to continue finding more bugs,” said Yichong Chen.

When it comes to threats against consumers, watering-hole and social media targeting is set to overtake phishing emails as offenders start to realise that this method is both simple and effective.

“Watering holes and social-media networks provide a neutral zone where targets let their guard down. The trust factor is not a big obstacle, and minimal effort is required to lure the target in to a trap,” stated Thoufique Haq.

This ties in with another of FireEye’s predictions: that cybercrime is set to get “personal” as criminals realise that specific information that can be gained from social media is more effective than generic data.

The full list of predictions is as follows:

  1. Sophisticated threat actors will continue to hide behind traditional mass-market crimeware tools to make identification and attribution hard for network defenders.
  2. More attack binaries will use stolen or valid code signatures.
  3. Mobile malware will further complicate the threat landscape.
  4. Java zero-day exploits may be less prevalent.
  5. Browser-based vulnerabilities may be more common.
  6. Malware authors will adopt stealthier techniques for command-and-control [CnC] communications.
  7. Watering-hole attacks and social media targeting will increasingly supplant spear-phishing emails.
  8. More malware will fill the supply chain. Expect more malicious code in BIOS and firmware updates.
  9. New heap-spray techniques will emerge because of Adobe Flash's "click to play" mitigation [requiring user interaction to execute potentially malicious Flash content].
  10. Attackers will find more ways to defeat automated [sandbox] analysis systems, such as triggering on reboots, mouse clicks, applications closing and so on.
  11. More crimeware will destroy the operating systems [OS] of targeted systems as a last step of an attack.
  12. More "digital quartermasters" behind targeted attack campaigns. In other words, Sunshop DQ is only the beginning.
  13. With increasing collaboration between targeted organisations around the globe, we will see cybercrime gangs identified and shut down, thanks to clues that tie separate attacks to common campaigns and threat actors.
  14. Cybercrime gets personal.
  15. We expect the time to detect advanced malware to increase.