27% of all recorded malware appeared in 2015

Original author: Panda Security
  • Transfer


PandaLabs, Panda Security’s antivirus lab , published a 2015 report.

Last year showed new records in the number of malicious programs created, exceeding the mark of 84 million options. At the same time, both large enterprises and websites of various types were attacked during the year, and data on users and customers were stolen from some of them. As a result, millions of users around the world have been affected by cyber crime. A separate mention was given to the hotel chain, as they became the main target for criminals due to the huge amount of information that they manage, for example, bank card data.

Cryptolocker hit the corporate world, but as a result of the fact that many victims are willing to pay for the restoration of their information, we have seen a serious increase in the number of attacks against enterprises. The Internet of Things (IoT) has begun to bring itself to the fore, because the security of such devices remains in question. During 2015, we saw how different specialists managed to break into cars and remotely control them.

However, there is not only bad news. Private companies and law enforcement are increasingly working together. Slowly but surely, they put barriers for cyber criminals on the Internet, and although there is still a huge front to do, it’s good that their crimes will not go unpunished.

Adobe Flash is a “nightmare” for the security world because of the vulnerabilities that are used to infect millions of users around the world. It seems that he is living out his last days, because more and more systems prohibit its use.
Google is another company that has decided to no longer support Flash in its Chrome browser, while Amazon on its website no longer permits the publication of advertising elements that use this format.

Last year, once again, was a record for the number of malicious programs created. In total, over 84 million new samples were detected and neutralized by the PandaLabs anti-virus laboratory during 2015, which is on average about 230,000 new threats daily.

Currently, about 304 million malicious programs are registered in the laboratory, which means that more than a quarter of the malware ever created were registered in 2015 (27.36%). In addition to trojans, which are always the main type of malware, last year, PNPs and various Cryptolocker variants were also notable players, wreaking havoc around the world and stealing information in exchange for paying a ransom.

Summary of new threats that appeared during 2015



As always, trojans are at the top of the rating with a share of over 50% of the total number of created threats in the past year.
However, the share of trojans has become lower than last year, when compared with other categories, especially viruses (22.79%), worms (13.22%) and PUP (10.71%). If we analyze infections caused by malware around the world, then thanks to the data from the Collective Intelligence, we can see that the Trojans were the cause of most infections (60.30% of the total number of infections).

The distribution of



PND infections takes second place, causing almost a third of infections, bypassing spyware and adware (5.19%), worms 2.98%) and viruses (2.55%). Aggressive distribution techniques and programs used by PUPs mean that they have reached a high level of installation on users' computers.

If we look at the global level of infected computers, which is 32.13%, then we can see that it has increased over the past year mainly due to PUP.

However, it should be noted that this number means the proportion of computers on which any type of malware is present, but this does not mean at all that they were infected.



Countries with the highest levels of infection: China (57.24%), Taiwan (49.15%) and Turkey (42.52%).


Asia and Latin America are the regions with the highest infection rates. Other countries that were not in the top ten, but exceeded the global average infection rate: Colombia (33.17%), Uruguay (32.98%), Chile (32.54%) and Spain (32.15%).

If we analyze the data for countries with the lowest levels of infection, we will see that nine of the top ten countries represent Europe, and only Japan is the only non-European country in it. The leading countries are Scandinavian countries: Finland (20.32%), Norway (20.51%) and Sweden (20.88%).


Other countries that did not rank in the top ten, but at the same time showed a level of infection below the global average: Australia (26, 87%), France (27.02%), Portugal (27.74%), Austria (28.96%), Canada (29.03%), USA (29.48%), Venezuela (30.11%) ), Hungary (30.23%), Italy (31.84%) and Costa Rica (32.10%).

Cyber ​​crime


If we had to single out the most dangerous cyber attacks in the first quarter of 2015, then, of course, these would be “encryptors”, in particular CryptoLocker . This type of attack touched all types of users, although companies look more desirable because they store valuable information for which they are willing to pay a ransom.

It is known that some companies eventually succumbed to this type of blackmail, especially those that do not have a backup system to protect their data. In February, it became known that the Illinois State Department of Police paid a ransom of $ 500 to unlock a computer after being infected with an "encryptor." Cyber ​​criminals use various types of techniques to infect systems and steal user information. One of the most common infection techniques is the use of exploits, i.e. programs that exploit vulnerabilities on the victim’s computer.

In January, it turned out that cyber crooks are actively exploiting a hole in Flash Player. In this case, the security hole was a zero-day vulnerability that was previously unknown, and therefore there was no patch available for it. Flash is the primary goal for cyber criminals, just as Java is another software that is often hacked by hackers.

One of these “new” techniques (it came from the past, because the first such attack was 20 years ago) used by cyber criminals to deceive users and infect them with an “encryptor” is the use of macros in Office documents (especially Word) .

Most users have a false sense of security, thinking that a text document cannot contain a threat. Knowing this, and also understanding that the filters on the perimeter do not fight with such files, hackers sharply increased the number of attacks using this method.

The weak point of such an attack is that the user must turn on the macro, but cyber criminals are well aware of this, and therefore successfully apply various ingenious techniques of social engineering. One such example disclosed in PandaLabs was a Word document containing a blurry image. At the top of the document, a message was written in bold letters that the image was blurred for security reasons. If the user wanted to access information, it was necessary to run the macro by clicking on the button indicated by the arrow. After turning on the macro, the picture became clear, but the computer became infected with one of the Cryptolocker variants.

Another cryptographer, especially popular in Australia, although he was seen in many other countries, used pictures from the popular TV show "Breaking Bad." When we talk about phishing, we often think about email messages that are supposedly from banks. Of course, phishing attacks can be performed in this way, and this technique is still used in many cases, but now phishers attack not only bank customers and payment services.

In January, a group of hackers launched a phishing attack allegedly on behalf of Apple . The malicious message came from Apple Support tech support and it used common techniques. The authors of the letter referred to a security problem to simply frighten the user: “Your Apple ID has been suspended".
The message warned the user that an unauthorized person tried to access the user's account, and as a result the account was disconnected. The letter contained a link that led the user to a page in the design of the Apple website, where a lot of information was requested: name, postal address, phone number, credit card information, etc.

In February, the American company Anthem admitted that it was the victim of an attack, which resulted in data theft of 80 million users. In this case, the hackers managed to access one of the corporate databases using the stolen username and password. It is estimated that the attack could cost Anthem over $ 100 million.

In March , Slack (USA)I sent a message to all my users, where I informed them that unauthorized access to their database was discovered, where user information is stored. Although no critical information was stolen (in fact, Slack informed users that it was not necessary to change their registration data), the company instantly turned on a two-stage authorization system, forcing users to use additional security features to increase the level of protection.

Low cost airline Ryanairfell victim to an attack that caused the company $ 5 million in losses. Despite the fact that the details of the attack were not disclosed, it is known that a transfer was made to one of the Chinese banks. The company reported a crime and stated that it had managed to freeze accounts with stolen money and was going to compensate for the damage in the near future.


Health insurer CareFirst BlueCross BlueShield was the victim of a cyber attack that stole 1.1 million users. Every day, the threat of attack from such criminals is growing, and this is only one of hundreds of cases of information theft occurring around the world.

AdultFriendFinder Online Dating Servicesuffered from an attack, as a result of which personal information of users was stolen. Hackers offered to sell the stolen information for 70 bitcoins, which at that time amounted to 17,000 US dollars. Soon, this entire database was published on the Internet.

Leading password management company LastPass is another victim of information theft. Fortunately, it seems that the hackers could not get the passwords, but only the hashes of the user's master passwords. The complexity of these hashes (mixed and hard to understand) makes it very difficult for hackers to obtain real passwords. But, despite this, it was recommended to change the password if it was not very complicated.

Hard Rock Hotel and Casino in Las Vegasthey found out that their security was violated only in the eighth month from the moment when the hackers managed to start stealing information about customers (their names, bank card numbers and their CVV codes).

Those customers who used their cards in restaurants, bars and shops of this complex suffered, but those who made orders at the hotel or in the casino did not suffer. This attack is reminiscent of other attacks that we saw in the past (Target, Home Depot, UPS, Neiman Marcus), when terminals were attacked to steal information about customers' bank cards.

It was rumored that Uber was the victim of an attack because users noticed unusual activity in their accounts. However, it seems that this was a case of phishing when deceived users provided their IDs to hackers.

At the end of June, 1,400 passengers of the Polish airline LOT were detained at the Frederic Chopin Airport (Warsaw, Poland) after attacking the systems used for flight plans.

One of the biggest attacks last year was undoubtedly the attack on Ashley Madison. Hackers, known as Impact Team, posted a message on their website demanding the closure of this dating service, otherwise they would publish all the stolen information. Almost immediately after the American company did not comply with their requirements, hackers published a torrent with 10 GB of stolen information. Among the published information was data on 37 million customers: operations performed, email addresses, sexual preferences, etc. In addition, internal corporate documents were published.

In the third quarter, a number of new vulnerabilities were also identified that were used by cyber criminals as a means of access to their victims. In addition to typical Flash or Java attacks, a couple of incidents occurred with the Apple Mac OS X operating system. The first incident, which was discovered by Stefan Esser, allowed root access and was associated with adware used to attack the Mac. The second incident was discovered by MyK experts. It contained a vulnerability in the password management system, which allowed the hacker to get all the stored information.

One of the attack methods, which is rapidly gaining popularity, involves the interception of home or corporate routers. In this case, the routers remain under the control of hackers. It turned out thatASUS, DIGICOM, Оbserva Telecom, PLDT, and ZTE routers had predefined access codes . This allowed hackers to gain control over them without entering the room where they were installed.

Similar attacks were discovered when hackers used DDoS against Xbox Live and PSN at Christmas. Adobe Flash, known for its many security issues, may soon disappear. iOS has banned the use of Flash in its operating system. Then Android went the same way. Now it’s Google’s turn to “drive the last nail into the coffin lid” by disabling Flash in its Chrome browser. Amazon also announced that it bans on its site any advertising created on the basis of this technology.

The FBI detained 5 people who were involved in the attack on JPMorganin 2014. As part of this attack, hackers managed to obtain employee registration data, which were later used to access 90 company servers to steal information about 76 million individuals and 7 million legal entities that are company customers.

Microsoft decided to increase the security level of its products and solutions, doubling the remuneration for specialists who can reveal new critical errors in their solutions: from 50 to 100 thousand US dollars. Although this practice has become common among IT companies, it has not yet covered all sectors. However, an increasing number of companies are offering rewards in the hope that error information will reach them sooner than being sold “to the side”.

For example, United Airline, which offers miles as a reward, has decided to offer up to 1 million miles to those who find and report errors. The FBI also decided to introduce an incentive program, although in this case it is aimed at those who provide information on hiding criminals.

The biggest prize of $ 3 million was offered to anyone who could help detain Evgeni Mikhailovich Bogachev, the ideological inspirer of the Gameover ZeuS botnet.

Hotel chains are also becoming a target for cyber criminals. In addition to the attack on the Hard Rock Hotel and Casino in Las Vegas, there were others: the Hilton network, the Starwood network(Westin, Sheratin and others.), Las Vegas Sands Casino, Trump Hotels, Mandarin Oriental, FireKeepers Casino and Hotel and others. This is a long list that will certainly grow, as Hotels contain information related to millions of bank cards of their guests. As a rule, hotels offer guests to pay by credit card, which means that the number of attacks on POS terminals will increase (in the past they proved to be quite good among cyber criminals, as in the case of Target, when hackers were able to steal information about 46 million bank cards using malware at the point of sale).

Toy manufacturer VTechalso suffered from a security hole, which resulted in data loss of 4.98 million parents and 6.37 million children. A few weeks after the attack, UK police arrested suspects in the attack.

Social networks


In January, along with a statement by US President Barack Obama to introduce a program of measures to combat cyber criminals, a group of people who introduced themselves as ISIS hacked Pentagon accounts on social networks.

It is also worth paying attention to one of the most common scams on Facebook these days: fictitious posts offering gift cards of famous companies. In January, a scam group launched a Facebook campaign that promised to distribute 430 $ 500 Zara gift cards. To participate, the user just had to join this promotion, write “Thank you Zara” on his wall and invite another 50 people who should do the same. The scam spread like wildfire. In just a few hours, over 5,000 people participated, sending over 124,000 invitations.

All user connections to Facebook servers, including sent and received messages, are transmitted over the secure HTTPS protocol. Since this was not enough, this social network created a service on the Tor network, and now users can be even more confident in their online privacy. However, in addition to the connections established by the user through their own service, there are other indirect forms of communication that Facebook provides, for example, by email. We are talking about notifications that you receive if your friend sent you a personal message (if you have not disabled this feature). Due to the low security of such messages, Facebook announced that now all users will receive them (if they want) protected by the popular encryption program Pretty Good Privacy (PGP).

WhatsApp is another popular way to attract and infect users. We found a way to cheat, through which criminals try to trick users with a false service called WhatsApp Trendy Blue. It impersonates itself as a “new version” of an application with additional functions, although in fact all it does is sign the user for an expensive service. This false program also asks you to invite at least 10 of your friends to register with their service.

Facebook has announced that this network is considering adding a “dislike” button to its website. As expected, cyber criminals decided to take this opportunity. A few hours after this announcement, various types of “dislike” false links appeared. In fact, they turned out to be traps that tricked users into sharing their personal information.

Mobile Threats


We started 2015 with a threat that reminded us of the old worms in email and “messengers” that were modernized for use in SMS messages. The attack begins when the victim receives an SMS message with a link to his alleged image. The problem is that when you click on the link, the APK file (Android application package) is actually downloaded. If the victim installs it, then this worm sends a similar SMS message to all contacts of the victim. Fujitsu, in collaboration with the Japanese operator NTT Docomo, has released the Arrows NX F-04G, which is the first Android mobile device to offer an iris scanner as one of its security features. This method is much safer than the fingerprint scanning method, which is very popular among such manufacturers,

In June, we discovered a phishing campaign that targeted Android developers who published their products on Google Play, the official app store for this operating system. A message was sent from the company called Play Developer Support with the heading “Update Your Account Information” and requesting information to be updated in the account.

When a link was clicked, the user was redirected to a page that resembled Google, where it was necessary to enter your data.

This case is different in that the hackers did not want to empty the victim’s bank account, but use the account to spread threats through the Google Play store. Most worrying is how easily criminals can automate the whole process.

This requires:
• Create a spider or crawler (there are various open-source projects for this) to download information about all applications published on Google Play.
• Analyze information to obtain email addresses of various developers.
• Launch a custom phishing campaign in which even a web page will be configured for the developer. In this case, the deception becomes even more believable, which helps to increase the "conversion rate".
• Because the hacker has information about all the applications published by each developer, you can create a system that alerts him every time the developer of a popular application (millions of downloads) falls into the trap.

With this in mind, one of the simplest and less complex attacks will publish applications from this account. Imagine if someone tries to steal the data of the developer Candy Crush and publishes Candy Crush 2 from the same account. If hackers are smarter and find a way to modify the application without using a private key (which cannot be obtained through identity theft), they will be able to publish and update any application they want.

Returning to the previous example, imagine that the hackers created an updated version of Candy Crush that contains a trojan: millions of people download and install it without even thinking about any threat.

Google has created a new program called the Android Security Awards, in which payments are expected to those who will explore and discover new security flaws in Android.

The amount of payments depends on the severity of the identified security flaw: $ 2,000 for critical vulnerabilities, $ 1,000 for high-level flaws and $ 500 for medium-level flaws. Depending on the severity of the problem and the nuances of the detected flaw, this sum can reach $ 38,000.

In July, Zimperium recognized the mass vulnerability in Android of 950 million devices using this operating system. The problem is not so much the number of affected mobile phones, tablets and other devices, but how easy and simple it was to remotely attack them. Just by sending a malicious MMS, you could gain control over any phone - for this you just had to know the victim’s number. Moreover, the victim did not even need to open MMS, because Android automatically processes pictures. This means that the victim only had to get MMS.

Although the problem has been fixed, but due to the large number of manufacturers of various versions of this operating system, situations are still possible when a particular version is still not updated to apply the latest security measures. As a result, Google obliged many manufacturers (Sony, LG, Motorola and others) to include the latest updates, and Samsung announced that they could offer their customers monthly updates to protect themselves from new, constantly emerging vulnerabilities.

Shortly afterwards, two experts from IBM XForce reported another security issue that allowed a hacker to replace a legal application with a malicious one, after which he could gain control over the replaced application. Google has updated its software to resolve this security issue.

We are already used to observing ransomware attacks on PCs, and now they are increasingly attacking Android. In fact, over the past three months these attacks have been noted for their originality and simplicity. What a malicious application does: it changes the device’s PIN and asks for a ransom in $ 500. For example, users of our anti-virus for Android can change the PIN code of their mobile devices from their web control panel, which makes such attacks ineffective, allowing you to save $ 500. Apple also subjected third-quarter operating systems Referring to various kinds of attacks.

Appthority has discovered a Quicksand vulnerability that is scary for companies using MDM mobile device management services and can compromise corporate confidential information. Apple has taken care of fixing this vulnerability in its new version of iOS 8.4.1.
Another vulnerability to take care of is Ims0mnia. It allows a malicious application to escape Apple’s launch restrictions by allowing a microphone or camera to be activated and allowing spying on a user.

Apple had to remove several applications from its Apple Store after an attack known as XcodeGhost. Hackers published a modified version of software for developing applications for iOS, after which the authors of the applications, without knowing it, included malicious functions in their applications.

Another attack on Apple users steals iCloud access data from 225,000 users. The attack affected those users who had previously “hacked” their device in order to be able to install applications without using the official App Store, as a result of which security controls in iOS were violated.

Internet of things


In July, HP Fortify published the results of a study of smart watches. It showed that 100% of the analyzed devices are vulnerable to attacks, and pointed out the main problems that smart watches face. For example, not a single smart watch offered two-step authorization when connected to a mobile device, while all allowed to enter the wrong passwords repeatedly.

In July, security experts Charlie Miller and Chris Walashek held a demonstration that shocked the world. They convinced Wired journalist Andy Greenberg to drive a Jeep Cherokee while they attacked a car from home. They started the attack by gaining control over different systems of the car: they changed the air conditioner, turned on the wipers, switched the radio stations, played with the music volume ... In the end, they got full control of the car, including its brake system. They spent several months preparing the attack and even before the test informed the manufacturer in the hope that he would install new security updates to fix the vulnerability.

Experts provided detailed information on how they conducted the tests in their interview at the BlackHat conference in August.

In July, Land Rover was also informed of software bugs in 65,000 cars that were sold in 2013. The error allowed unlocking the doors from the outside. At the BlackHat conference, two experts Kevin Mahaffy and Mark Rogers showed how to hack the Tesla Model S. Despite the need for physical access to the machine to carry out this attack, they discovered 6 new vulnerabilities that allowed them to stop the engine when the machine was moving at a slow speed. The manufacturer has already taken measures to eliminate this problem.

Hiroyuki Inoue, a professor at the Hiroshima School of Information Sciences, conducted an experiment in which he connected a Toyota Corolla to the Internet and managed to break into a car. He was able to remotely control the windows of the car, change the speed limit, and, among other things, even block the gas pedal. Although this experiment was conducted with a machine connected to the Internet (this model is supplied on the market without such a connection), it is still an alarming signal for manufacturers.

Cyber ​​war


For the first time, the United States imposed sanctions against the country in response to a cyber attack. This is about North Korea, and the sanctions were the answer to the December hack of Sony Pictures for the comedy Interview, where a couple of journalists were given the task of assassination of the DPRK leader by the CIA.

In addition, new revelations of Edward Snowden leaked to the press. In January, German magazine Der Spiegel published information that China stole a large amount of data (terabytes) about the F-35 fighter, including information on the design of the radar, engine diagrams, etc.

Ben Rhodes, Assistant President of the United States and Deputy Head of the National Security Council for Strategic Communications, said the White House was the victim of an IT attack. In an interview with CNN, Rhodes confirmed that hackers gained unauthorized access to a system of unclassified computers and stole very important information, while the secret system was not hacked. Without going into the details of whether this attack was carried out by Russian hackers and when it happened, Rhodes got the impression that the attack was not so recent. Without disclosing information, he stated that the White House had already taken "a series of
security measures to assess and minimize the damage caused."

In June, we discovered that the Human Resources Directorate (OPM, a US government recruiting agency) was attacked, which stole information related to at least 4 million public sector employees. This attack occurred two months earlier, at about the same time that the White House was attacked. However, it turns out that the attacks were not related, given that the first attack was apparently related to Chinese hackers, although the US government did not officially confirm this information.

Supporters of the Islamic terrorist organization ISIS attacked the French television channel TV5MONDE, interrupting its broadcast. In addition, they also “captured” their Facebook page and website.

The well-known Syrian Electronic Army group was able to infiltrate the US Navy website by publishing propaganda from Bashar al-Assad and his regime in Syria.

The German parliament fell victim to an attack in which hackers managed to penetrate his network and steal information from various computers. It is believed that the attack was committed from Russia, but it is difficult to prove who actually stood behind it. We already know that the NSA used a modified version of Stuxnet to try to sabotage North Korea’s nuclear program. Although this time their attempts were unsuccessful, it should be noted that several years ago with the help of Stuxnet they managed to destroy at least a thousand uranium centrifuges at the plant in Natanz (Iran).

Hacking Team is a well-known provider of cyber espionage and cyber attack tools for governments around the world. In July, the company suffered a serious attack and faced the theft of all types of data. The attack became known through the Hacking Team Twitter account, which was also captured by hackers. They changed the account name to Hacked Team and published a link to download all the stolen information.



Hackers published customer lists (police and intelligence agencies from various countries, from the US to Uzbekistan). They also published a corporate certificate used by the Hacking Team, passwords that they used in their most secure systems, lists of products they sold, source codes of their applications, financial data, etc. They even published a website with a search function, which allowed Find all email addresses stored in the Hacking Team.

A few days later, a zero-day threat was detected in Adobe Flash thanks to information stolen from the Hacking Team.

James Komi, director of the FBI, spoke at a security forum and talked about how they found an increase in terrorist interest in launching cyber-terrorist attacks against the United States. He did not specify the types of attacks, but said that they are still at the planning stage, and the terrorists are still evaluating how effective they can be.

On July 25, Russian hackers managed to gain access to the unclassified email system related to the Pentagon. Official sources said it was a skillful attack, and they are confident that government bodies were behind it.

In September, DGI experts published a study on military unit 78020 of the People’s Liberation Army of China. The authors of the study indicated that this part is a group of hackers, known as Naikon, and responsible for various cyber espionage attacks in the military, economic and diplomatic fields. Their victims were Cambodia, Indonesia, Laos, Malaysia, Myanmar, Nepal, the Philippines, Singapore, Thailand, Vietnam, the United Nations Development Program and the Association of Southeast Asian Nations.

Anonymous launched a campaign against ISIS, hacking thousands of members into websites and social media accounts.


Key IT security trends in 2016



1. Exploit Kits


They will continue to be favorite tools for cyber criminals, as they allow to achieve mass infections. Exploit kits can be bought on the black market along with updates, allowing hackers to find new victims using new attack methods. Many security solutions are still not able to effectively deal with this type of attack, which means that hackers have every chance of success.

2. Malicious programs


The number of new malware samples continues to grow. Although most samples will remain PE-type (https://ru.wikipedia.org/wiki/ Portable_Executable), we predict an increase in the number of non-PE-type malware, especially scripts. These will not be just well-known java scripts, but most likely we will see wider use and abuse of Powershell, which comes with Windows 10 by default, which allows all types of scripts to run. They will be used in combination with well-known attacks, such as Fileless attacks, where
instead of malicious code in the form of a physical file on the computer, a parameter will be used when executing a command or entering the registry containing the script that needs to be executed.

3. Directed attacks


We will see an increase in the number of targeted attacks. Rootkit techniques that will hide the attack from the operating system and security solutions will be used more intensively. Companies will be required to take security measures to remain protected from such attacks, as they can cause serious damage to the company both financially and in terms of reputation. Keep in mind that such attacks are designed to steal confidential company data (financial data, strategic plans, etc.) and its customers.

4. Threats for Android


The number of mobile threats will increase, especially for Android, as It is the most popular operating system on the market. We will see more threats for device firmware. This means that it will be almost impossible for antiviruses to fight them.

5. Mobile payment platforms


It is still unclear whether such platforms will really become widespread in 2016, but it is obvious that they will be used more often and they will become a target for cyber criminals, as this is a direct way to steal money. If any of the platforms goes “ahead of the curve” and becomes popular, it will be the first candidate for the role of victim for hackers.

6. Internet of things


We know that 2016 will not be a year for the Internet of things, but there will be more and more devices connected to the Internet in the world, and we will see many tests showing how various attacks can be performed. We already saw many such tests in 2015, for example, with software on cars, when hackers gained remote control over machines.

7. Critical infrastructure


It will not be a target for ordinary cyber criminals, but within the framework of cyber wars, the tools for conducting remote sabotage on the critical infrastructure of another state are so valuable that the special services of the most powerful countries in the world will try to create them. Such attacks require careful planning and a lot of money, as is the case with Stuxnet.

8. Threat data for companies


The growing number of attacks and their complexity is changing the use of information and its exchange. At the very least, companies that offer security solutions and services and usually exchange information to better protect their customers are not in a mood for change. Large companies will request their security providers to provide them all this information, while also collecting all the information that is on their networks and exchanging it with other companies.

Conclusion



2015 was a difficult year, in which the number of attacks grew at an unprecedented pace, and 2016 will be even more difficult. Many attacks that we observed last year will continue to be visible in the next 12 months, such as Cryptolocker.

Special attention must be paid to the Internet of things, as there are more and more devices connected to the Internet in the world, and they can become a tool in the hands of cyber criminals to obtain any information they are interested in about us, both on a personal level and at the company level. Although these devices, as a rule, do not store a large amount of information, they can serve as a point of entry for our cybercriminals into our home or corporate network. Observing the occurrence of data theft, it is obvious that enterprises are experiencing a lack of protection that should work instantly. No one should think that he is protected or safe, therefore it is better to behave as if you have already been attacked, and not wait months or years to find out later. It is imperative to keep track of everything that happens on your network.

Also popular now: