ICFE eNEWS #15-02 - Jan 7th 2015

ESET Researchers Release 2015 Cybercrime Predictions and Trends

ESET’s Global Research Team Unveils the Top Security Risks in the Coming New Year

The "ICFE’s Certified Identity Theft Risk Management Specialist" - CITRMS® educational and certification testing program is now in its eighth year with over 3500 certificants. The main purpose is to comprehensively prepare and equip law enforcement professionals, financial planners and CPA's, resolution advocates, notaries, lawyers, credit and debt counselors, through education, testing and computer software training, with the knowledge and skills necessary to help consumers and businesses fully assess and minimize their present risk of credit and identity theft. All of these professionals - who are now the front line of defense in the fight against credit and identity theft for their clients and constituents - will also have a heightened sense of awareness about this so-called silent crime.

ESET®, global pioneer in proactive protection for more than two decades, has compiled a summary of the top cybercrime trends and predictions for 2015. While internet privacy and Android malware dominated the industry in 2014, an increase of sophisticated cyber attacks and risks associated with the Internet of Things and mobile payments top the list of what ESET expects to see in 2015.

The Rise of Targeted Attacks
Targeted attacks will continue to become more sophisticated in 2015. Often referred to as Advanced Persistent Threats (APT), these attacks are different from traditional cyber attacks as they target a specific victim or group. They are often lurk undetected on less secure networks.

“Targeted attacks most commonly take advantage of social engineering techniques, where psychological manipulation is used to encourage potential victims into performing actions or divulging confidential information,” said Pablo Ramos, head of the research lab at ESET Latin America. “ Attacks also take the form of zero-day exploits, where attacks exploit newly discovered vulnerability on a particular operating system or application.”

During 2014, ESET’s WeLiveSecurity blog published a number of comprehensive, technical overviews of targeted attacks, such as the BlackEnergy campaign and Operation Windigo.

More Malware Coming to Mobile Payments
From BitCoin to Apple Pay, this past year saw a wave of innovative payment methods. But with the arrival of these new technologies, hackers are eager for a new challenge. The largest known digital payment attack to date occured in 2014, with a hacker reportedly harvesting more than $600,000 in Bitcoins and Dogecoins by using a network of infected machines.

“As users begin to adopt online payment systems as a means to pay for services and goods, these systems become more attractive to malware authors interested in financial gain,” continued Ramos.

With U.S. banks adopting EMV by October 2015 and the growing popularity around tokenization, banking security is taking a step in the right direction, however we expect to see new banking-related trojans, ransomware and other forms of malware.

Internet of Things - New Toys for Hackers
As new devices connect to the Internet and store more data, they also become an attractive attack vector for cybercriminals. During 2014, we have seen evidence of this growing trend, with attacks on cars, televisions, biometric systems on smartphones, routers - not to mention Google glasses.

“The Internet of Things presents an emerging opportunity for cybercrime and should remain an area of focus for the security industry,” said Camilo Gutierrez, senior security researcher at ESET Latin America. “While it may take years to become a serious prevalent threat, we must act now to better prevent these types of attacks.”

ESET recently published a webinar focused on the security lessons learned in 2014. This webinar is aimed at helping businesses align their security procedures with industry best practices in the coming year.

For more information on security predictions and trends in 2015, please visit WeLiveSecurity.com.

About ESET
Since 1987, ESET® has been developing record award-winning security software that now helps over 100 million users to Enjoy Safer Technology. Its broad security product portfolio covers all popular platforms and provides businesses and consumers around the world with the perfect balance of performance and proactive protection. The company has a global sales network covering 180 countries, and regional offices in Bratislava, San Diego, Singapore and Buenos Aires. For more information visit Eset.com or follow us on LinkedIn, Facebook and Twitter.

ICFE eNEWS is available FREE upon request by visiting the ICFE's Web site and filling out the contact form, selecting "Yes" for "Add to Mailing List." Please pass this eNEWS on to your peers and interested others and invite them to subscribe for free. Also, visit the ICFE's new Web site: StudentDebtHelp.org

Sent by:

Paul S. Richard
President - Executive Director
Institute of Consumer Financial Education (ICFE)

ICFE - Institute of Consumer Financial Education - ICFE.info - 619.239.1401