Increasingly proactive hackers will design scorched-earth routines into their malware in 2015 and manipulate evidence to frame innocent parties as they increasingly work to cover their tracks in the face of redoubled enforcement efforts, security firm Fortinet has warned.
With global cybercrime enforcement continuing to gain momentum, the company's security experts warned that black-hat hackers are likely to continue exploring new methods of destroying victims' hard drives after sensitive or valuable data has been exfiltrated from the compromised equipment.
This approach was noted by FortiGuard Labs in the latest instantiation of Dorkbot/NGRbot malware, into which hackers built self-checking routines that would wipe out all information on the hard drive if the code was altered.
“This is a direct counter response to the rise of incident response services,” the FortiGuard Labs team warned, noting that the inclusion of data-destroying mechanisms may be designed both as a new form of ransomware, and a way of hindering law-enforcement efforts.
Malicious hackers will also increasingly salt their work with red herrings designed to lead investigators away from them and towards unrelated third parties, the security team warned.
This includes a focus on sandbox evasion – in which malware will be designed to thwart law-enforcement efforts to safely monitor malware's behaviour by running it in isolated virtual machines – and broader efforts such as a focus on quality assurance in which hackers will test, evaluate and refine methods for bypassing particular security threats.
Also weighing heavily on FortiNet's threat horizon is the increasing exposure of the Internet of Things (IoT), which it said will become the 'internet of threats' as hackers “pry open the Internet of Things.”
“Hackers will continue to follow the path of least resistance as more and more devices are connected to the network,” the firm's security experts warned, noting that home automation, security, webcam and other consumer equipment will be targeted alongside business-focused equipment such as network attached storage and routers, supply chain systems, SCADA functionality, and more.
Continued attacks on retail giants are also expected, with the sort of 'denial of revenue' attacks seen in 2014 expanding as hackers “find new loopholes for infiltrating retail and financial systems”. Increasingly ambitious criminals will also extend their efforts to assembly line, factory, ERP systems, healthcare and building management, the firm has predicted – creating “even more challenges in the way of consumer data compromises, revenue losses and reputation damages” for organisations globally.
“Looking forward to 2015, we fully expect this trend to continue in an alarming way as black hat hackers pry open the Internet of Things,” said Derek Manky, global security strategist at Fortinet in a statement.
“As threats move to attack new product and software solutions, organisations are at even greater risk. It is imperative they choose not just a security solution, but a proactive and intelligent solution, to protect them from the broad breadth and depth of growing attacks that firewall solutions alone will not stop.”
This article is brought to you by Enex TestLab, content directors for CSO Australia.
Join CSO for the day@#csoperspectives and hear from @kimzetter @frankheidt @simplenomad Register today