Threat Actors Targeting APAC Enhance Attack Tactics whilst Exploiting Old Vulnerabilities

20th November 2014 | By Mouseworld Now Correspondent |

Trend-Micro-logoNew Delhi, November,20, 2014: Trend Micro Incorporated has released its H1 2014 Targeted Attack Trends Report for the Asia Pacific (APAC) region. The report has found that threat actors targeting the region are continually refining their targeted attack tactics, which allows them to remain undetected. At the same time, old vulnerabilities resulting from unpatched software and applications are being exploited to the fullest.

With Trend Micro’s 2015 security predictions further
predicting targeted attack campaigns in APAC to increase in size and scale, 2015 may very well become the year where targeted attacks come of age.

According to the report, spear-phishing emails are still the most common infection vector for infiltrating networks, with almost 80% of the targeted attack malware arriving via email. Typically sent to employees in target organizations, spear-phishing emails convince recipients to either click a
malicious link or download and execute a malicious file.

Some of the most common email attachments used to deliver payloads include Microsoft Office documents (57%) and RAR files (19%), as they commonly change hands in any organization. Another method used to infiltrate target networks is compromising the websites an organization’s employees commonly visit. When their target employees visit these compromised sites, their systems get infected.

Zero-day as well as tried-and-tested exploits both figured in the targeted attack landscape. This worked as some IT administrators in the region forwent applying security fixes to their networks due to a fear of disrupting critical business operations. For example, a zero-day vulnerability caused by Windows XP’s end of life in April 2014 was
exploited in a targeted attack against embassies earlier this year. Threat actors favored Microsoft Office (53%) and Adobe Reader (46%) as the most common software vulnerability
exploitation targets.

Most of the malware used in targeted attacks were Trojans or Trojan spyware (53%), followed by backdoors (46%). Backdoors typically aid in establishing C&C communications and executing remote commands while Trojans and Trojan spyware aid in downloading the final payload and exfiltrating data.

“The efficacy of targeted attacks this year so far indicates that organizations still struggle to understand targeted attacks. One possible misconception is that targeted attacks are one-time efforts, whilst in reality they are well-planned and can be launched several times until they successfully compromise intended network targets,” said Dhanya Thakkar, Managing Director, APAC, Trend Micro. “To fight back, organizations today need a custom defense strategy, which uses advanced threat detection technologies and shared intelligence to detect, analyze, and respond to attacks that are invisible to standard security products.”

Tags: , , , , , , , , , ,

Leave your comment

IMPORTANT! To be able to proceed, you need to solve the following simple math

What is 6 + 8 ?
Please leave these two fields as-is:

Mouseworldnow Videos
  • r chandrashekhar president nasscom
  • Anant Maheshwari, President, Microsoft India
  • Suresh_Vaswani-220 by 220

Channel News

  • iValue is “APAC VAD” for Micro Focus more...
  • Telr launches its sub-brand TelrSecure more...
  • iValue is “APAC Emerging VAD” for AlgoSec more...
  • Rashi Peripherals Kick-Starts SI Training Program For Partners more...
  • Toshiba Sends its Storage Partners to Bali Under its Foreign Trip Scheme more...
Subscribe via email

Enter your email address:

What does the mouse ask?

Will the spurt in online video advertisement steal the twinkle from the TV ad platform?

View Results

Loading ... Loading ...
Newsletter Registration