Critical Infrastructure the latest major attack target, according to Trend Micro Q1 2013 Security Roundup Report

Zero-day vulnerabilities also emerging faster than ever before 

Category:

London (Infosec) – 22nd April 2013 - Critical infrastructure firms are facing renewed risk of attack after the recent high profile campaign against South Korean banks and TV stations proved that attacks are growing in sophistication, intensity and severity, according to Trend Micro.

The cloud security specialist’s Q1 2013 Security Roundup Report also revealed that zero day vulnerabilities represent an increasing threat thanks to the prevalence of professional attack kits which can effectively help anyone become a cyber criminal.

Trend Micro’s synopsis of prominent Q1 threats, includes:

Attacks on South Korea
The high-profile attacks on banks and TV stations in South Korea this March reinforce that theft is no longer the sole focus of hacking efforts. Instead, these breaches were designed to cripple critical networks via innovative techniques including:


"Given the capability of what took place in South Korea, it is likely that increasingly destructive attacks will continue to be a threat,” said Tom Kellermann, VP, Cyber Security. “With each quarter, attacks are becoming bolder and more targeted, pointing to concerns far beyond the compromise of personal data.”

Zero-Day Attacks
New attacks against Oracle’s Java and Adobe’s Flash Player, Acrobat and Reader reveal that vulnerabilities are emerging faster than they can be patched and are quickly being incorporated into professional attack kits such as the “Black Hole Exploit Kit”. These kits have effectively democratised the means to launch potentially devastating attacks on any organisation and should concentrate the minds of IT security teams everywhere on revisting policies and tightening their cyber defences.

“Of course Java is cross-platform and that is somewhat attractive to criminals, but what is really attractive is its vulnerabilities and its ubiquity,” said Rik Ferguson, Trend Micro’s VP, Security Research. “This definitely won't be the last zero-day vulnerability in Java and it won't be the end of the vast attack surface that it currently offers to criminals.”

The full Q1 threat report is available for download here.

 


About Trend Micro
Trend Micro Incorporated (TYO: 4704), a global leader in security software, strives to make the world safe for exchanging digital information. Our solutions for consumers, Trend Micro™ Smart Protection Network™ provide layered content security to protect information on mobile devices, endpoints, gateways, servers and the cloud. Trend Micro enables the smart protection of information, with innovative security technology that is simple to deploy and manage, and fits an evolving ecosystem. Leveraging these solutions, organizations can protect their end users, their evolving data center and cloud resources, and their information threatened by sophisticated targeted attacks.

All of solutions are powered by cloud-based global threat intelligence, the Trend Micro™ Smart Protection Network™, and are supported by over 1,200 threat experts around the globe.

For more information, visit www.trendmicro.com/en_gb/. Or follow our news on Twitter at @TrendMicroUK.