DECEMBER 27, 2013
Your regular source of security updates from TrendLabsSM
In This Issue

Security Spotlight
The Buzz About Bitcoin

Security for Home Users
Ahead of the Game

Security for Business
New Attack Tactics for the New Year



Security for Business

New Attack Tactics for the New Year

While we can’t know for certain why cybercriminals will use tactics commonly seen in targeted attacks, we do know that doing so is highly probable given that they don’t cost a lot and are easy to do.”



Trend Micro researchers believe cybercriminals are likely to use techniques commonly seen in targeted attacks. Posts found in underground forums show huge interest in crafting PDF exploits for use in both targeted and cyber attacks. A lot of cybercriminals are also becoming more interested in exploits for software like Microsoft™ Office® and Adobe® Acrobat® and/or Reader®.

Targeted attacks are high-risk threats designed to gain access to your company’s valuable data while remaining undetected in your network. Some of the common tactics used in targeted attacks include spear phishing and vulnerability exploitation.

Why Cybercriminals Will Use Targeted Attack Tactics

While we can’t know for certain why cybercriminals will use tactics commonly seen in targeted attacks, we do know that doing so is highly probable given that they don’t cost a lot and are easy to do. Attackers can opt to put together a data stealer with an exploit, for instance, to launch more effective attacks. They can also buy tools and builders that can let even newbies—those without much technical know-how—easily create malicious PDF and DOCX files.

Unpatched computers and servers can also be easily exploited through bugs, allowing attackers to infiltrate enterprise networks. Employees with little to no IT experience can be easily tricked into opening email attachments supposedly from their bosses. Once inside, attackers can choose to launch attacks that target specific individuals in a company to gain access to data.

Help Protect Against Targeted Attacks

Cybercriminals will continuously improve their tactics to profit. To counter attacks, companies should patch their computers and servers to secure their networks. Those that often delay patching since it involves restarts that can disrupt business operations should consider virtual patching. It’s also advisable to use an advanced threat protection platform that can block spear-phishing emails and detect zero-day exploits.

Copyright ©2013 Trend Micro Incorporated. All rights reserved. Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated. All other company and/or product names may be trademarks or registered trademarks of their respective owners. The information contained in this document is subject to change without prior notice.

www.trendmicro.com

  CONNECT WITH US ON: