Three new types of advanced persistent threats (APTs) that are posing risks to businesses, organizations, governments, and consumers all over the world have been recently identified by security researchers at Kaspersky Lab, a global security vendor.
In a press release on February 10, Kaspersky Lab outlined these new threats as:
Cyber hackers targeting banks
A year after a cyber threat called Carbanak was identified, its spinoff, Carbanak 2.0 is becoming a global threat not just to banks but also to budgeting and accounting departments of businesses. When the hackers get into a company’s systems, they can proceed to alter credentials of ownerships of major accounts.
A threat called Metel, on the other hand, gains controls of PCs inside banks particularly those that access money transactions. Thus, when a system is compromised, the hackers can automate the rollback of any automated teller machine (ATM) transaction. When this happens, the balance of selected debit cards remains the same regardless of the number of ATM withdrawals and transactions undertaken.
The Poseidon Group
The Poseidon Group (named after the Greek mythological god of the sea) is a long-standing cyber-espionage and attack team operating on all domains in land, air, and sea. Some of the command and control centers of the gang were detected inside Internet Service Providers that serve ships and traditional carriers.
This cyber threat works by stealing sensitive data from unsuspecting victims to eventually coerce them, without them knowing, into business relationships. The malware has been found to target English and Brazilian Portuguese Windows machines in Brazil, but several cases were already reported in the US, France, the United Arab Emirates, India, and Russia.
From 2013 to early 2016, it is estimated that at least 443,000 private users and commercial and non-commercial groups from around the globe have already been infected by this malware.
Adwind was discovered before the end of 2015 when a malicious file was attached to a spear-phishing email received by an employee at a Singapore-based bank. Once the file is opened, the malware automatically self-installs and tries to communicate with the command and control server.
This malware’s long list of functions include abilities to: steal cached passwords, take screenshots, record videos from webcams, record sound from the microphone, transfer files, collect system and user information, and manage SMS (for Android device users).
So far, identified victims were located in the US, the United Arab Emirates, Germany, Italy, Turkey, India, Vietnam, Hong Kong, and Taiwan.
Protection against cyber threats
Vitaly Kamluk, Kaspersky Lab’s Global Research and Analysis team director shared simple ways that can protect businesses and consumers against any malware.
Kamluk said it is imperative to invest in cyber security products that should be installed in PCs and even mobile devices. It is also important for those to be regularly updated.
Second, people should be more careful when opening emails especially with attachments. Kamluk said it is not advisable to instantly click email attachments especially if the message comes from an unknown sender. If a suspicious attachment comes from a known sender, it would be wise to ask the person if he or she actually sent the email before opening the attachment.
It can be recalled that by the end of the first quarter of 2015, the Philippine government was among those that had been compromised by cyberespionage groups (namely, Naikon and Hellsing) that targeted the Asian region. Fortunately, the hacking attacks were detected and dealt with early, leaving no serious impact to systems and confidential data.
In an interview of Entrepreneur Philippines during the Asia Pacific Cyber Security Summit in November 2015, Kaspersky Lab Southeast Asia Channel Sales Director Jimmy Fong said the Philippines is becoming a likely target for cyber hacking as its market remains calmer and most of its financial institutions and businesses are still unaware about such threats.
Fong said this reflects on sales of cybersecurity products in the market. He added that in 2015, Vietnam remained as the top market for sales of such products. “The Philippines is different from other countries. It is a great potential market but it still needs to improve in terms of IT infrastructure,” he said.
Fong said that security vendors like Kaspersky has been constantly working with local industry players and the media to further disseminate information about the potentially serious impact of cyber threats. “We know how to protect businesses, organizations, governments, and consumers. But if the concept of protection is not in the minds of the citizens, nobody can save them,” he said. – with a report from James Humarang