sb-eu logo
Story image

Mobile malware and exploitation amongst biggest cyber threats for 2020

There will be an increase in mobile malware and cybercriminal groups exploiting mobile devices in the Asia Pacific region in 2020, according to new research from Kaspersky. 

Derived from the observations and findings collated by Kaspersky's Global Research and Analysis Team (GReAT) last year combined with industry and technology trends, Kaspersky has revealed its predictions for 2020 that aim to provide guidance and insights for the cybersecurity industry and relevant stakeholders in APAC.

More mobile threats

As the number of users moving to mobile platforms from regular PCs is still growing in the region, the number of threat actors going into this space follows.

A number of different Android and iOS 0-days were reported in 2019, such as the watering hole spyware discovered on iOS which can get hold of confidential data like iMessage photos and GPS location.

The interest in compromising mobile platforms with persistence is ever-growing, which is why Kaspersky expects to see more threats when mobile exploits become a commodity and the price for it goes down.

"Mobile users in the Asia Pacific remain vulnerable to social-engineering, which is up to this time one of the most common attack vectors," says Vitaly Kamluk, director for Global Research and Analysis Team (GReAT) Asia Pacific at Kaspersky.

"Common users are often tricked by online scams, automated dialers, sextortion attempts, and free online services offering free streaming video, which often come with hidden in-browser cryptocurrency miner," he says. 

New techniques and new platforms from known threat actors

In 2019, Kaspersky researchers have seen Advanced Persistent Threats (APT) actors active in this region taking on new techniques and approaches such as using steganography by Ocean Lotus or Developing malware in Nim programming language by Zebrocy or using malicious LNK files by HoneyMyte.

Researchers have also seen Ocean Lotus with their new iOS malware in 2019. This threat actor has been actively adopting new techniques, which are aimed to complicate malware analysis.

More attacks targeting countries involved in Belt and Road Initiative (BRI)

Kaspersky also saw last year at least a few threat actors targeting countries in the region involved in BRI such as Ocean Lotus, Lucky Mouse, and HoneyMyte and with more advancements in different aspects of this initiative, its likely to see more attacks motivated by it.

BRI is a programme which aims to connect China to the world. Announced in 2019, the project aims to link the country to three continents - Asia, Africa, and Europe - through interlinked land and maritime networks. The end goal is to ramp up trade and economic growth and to boost regional integration.

Supply chain attacks remain one of the largest threats

Last year, researchers from Kaspersky have also discovered and announced a breach of several software supply chain companies in Asia. Threat actor known as ShadowPad/ShadowHammer is believed to be responsible for this sort of attack.

It is also worth noting that a survey conducted by Kaspersky showed that successful supply chain attacks can cost as much as $2.57m on average.

"Given that this group has been active in the past several years doing similar attacks on a lower scale, we expect this actor to continue, and also other groups to move into this segment," says Kamluk. "Kaspersky expects to see more reports of software supply chain companies being compromised."

Olympic Games in Japan

Stephan Neumeier, managing director for Asia Pacific at Kaspersky, says it has almost become a tradition to run politically motivated attacks during the Olympic Games. 

"With high political tension in many regions of the world, we shall expect one or even several independent attacks to happen during the upcoming Olympic Games in Tokyo," he says.

"With its developed countries at the forefront of 5G technology and Industry 4.0 and its emerging economies with hyper-online and highly mobile and young population, Asia Pacific is definitely at the centre of the new technologies and trends that will define the new decade," says Neumeier.

"These truths combined with the geopolitical structure of the region will definitely shape its landscape in the region. Organisations and individuals can use our predictions to guide them better in their decision-making especially when it comes to boosting their cybersecurity habits and culture."

Story image
Metallic adds data management and GDPR compliance
Now GDPR compliant, additions to the portfolio include eDiscovery features and support for Microsoft Hyper-V and Azure Blob and File storage.More
Story image
Microsoft brings endpoint & Azure security under Microsoft Defender
Microsoft Defender brings Microsoft 365 Defender and Azure Defender under the same umbrella.More
Story image
Kaspersky finds red tape biggest barrier against cybersecurity initiatives
The most common obstacles that inhibit or delay the implementation of industrial cybersecurity projects include the inability to stop production (34%), and bureaucratic steps, such as a lengthy approval process (31%) and having too many decision-makers (23%). More
Story image
Gartner predicts 75% of CEOs to be liable for cyber-physical security incidents by 2024
The nature of CPSs means incidents can quickly lead to physical harm to people, destruction of property or environmental disasters – and Gartner’s new research indicates that these incidents will increase drastically in the next few years if the lack of spending on these assets continues.More
Story image
Is cyber deception the latest SOC 'game changer'?
Cyber deception reduces data breach costs by more than 51% and Security Operations Centre (SOC) inefficiencies by 32%, according to a new research report by Attivo Networks and Kevin Fiscus of Deceptive Defense.More
Story image
Global DDoS attacks: What they are, how they work, and how to defend against them
Do not pay the ransom, and do make sure you've got strong DDoS protection, security firms warn.More