NOVEMBER 15, 2013
Your regular source of security updates from TrendLabsSM
In This Issue

Security Spotlight
How to Avoid the Latest Microsoft Office Bug

Security for Home Users
How Attacks Adapt

Security for Business
Older Versions of Software Targeted by Zero-Day Exploit

Security for Home Users

How Attacks Adapt

With technological advancements come more advanced threats that take advantage of new technologies.”

Technology is ever-evolving, and there’s no stopping it. But with technology also comes threats that take advantage of it driven by people with an overriding sense of self-interest and little consideration for law and order. As 2013 comes to an end, let’s take a look back and see how technologies and threats have evolved through the generations.

1986–1999: The Age of the Floppy Disk Drive

The beginning of the computer age saw viruses mainly created for vandalism and bragging rights. They were also created for research purposes by those looking to find out more about computers in general. BRAIN, the world’s first PC virus, was created by the Alvi brothers, Basit and Amjad, in Lahore, Pakistan. It spread through floppy disks—,the only form of swappable storage media at the time. It was a harmless virus that simply displayed a cheeky message in infected boot sectors.

2000–2004: The Age of LANs

At this time, users from all over the world were getting connected, creating bonds with others though thousands of miles apart. Viruses or malware started becoming dangerous, wreaking damage on affected computers. One such malware was ILOVEYOU/LOVELETTER, which caused millions of dollars worth of damage when it rendered infected computers inoperable.

Outbreaks—when malware spread across a large number of connected computers within a relatively short period of time—also began to occur then. Like before though, cybercriminals were still after notoriety and fame rather than profit.

2004–Present: The Internet Age

While some attacks are still motivated by notoriety, we see more and more financially motivated attacks, spearheaded by the Italian Job, which compromised several legitimate banking sites as early as 2006.

Since then, threats began to follow technology at breakneck speed. The dawn of social networking gave cybercriminals a huge group to milk for cash, apart from a convenient, free platform from which to trick them. Social engineering also came to the fore at this point, with threats showing up as legitimate pages and posts on social networking sites, taking advantage of the environment to lure users into a false sense of security.

The arrival of mobile devices was also met by cybercriminal activity. DROIDSMS, the very first Android malware found in the wild, was like those that came after it, mainly after victims’ money.

Cybercriminals also started setting their sights beyond just targeting mere users. Since 2009, they have been attacking industrial control systems (ICS)—infrastructure related to nuclear reactors and power stations. Governments, organizations, and big companies also fell prey to attacks. Case in point, in 2011, the Luckycat campaign targeted the aerospace, military, and shipping industries. The attack motivation has changed from obtaining profit to espionage and sabotage.

Where Do We Go from Here?

Always remember that history exists to teach us not to make the same mistakes twice. The past must serve as a lesson for the future. Hopefully, as technology evolves, we cope to stop the bad guys who seek to corrupt it for their own malicious purposes. Take a glance back at history in and learn important lessons in “Threats and Technology: How Attacks Adapt.”

Copyright ©2013 Trend Micro Incorporated. All rights reserved. Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated. All other company and/or product names may be trademarks or registered trademarks of their respective owners. The information contained in this document is subject to change without prior notice.