Security expert expects APTs to dwindle in 2016

The prevalence and intensity of cyberattacks is expected to subside in 2016, in comparison to 2015, according to research from Kaspersky Lab.

Speaking at the Cyber Security Summit in Port Dickson, Malaysia, Vitaly Kamluk, Principal Security Researcher, Global Research & Analysis Team (GReAT), Kaspersky Lab, in his conference presentation entitled “APAC – Regional Threat Overview,” suggested that the prevailing trend and data supports the thinking that Advanced Persistent Threats (APTs) are expected to dwindle in 2016.

To date, 12 different types of APTs were detected in 2015, including Wild Neutron, Darkhotel, Naikon and Duqu 2.0. Each cyberattack held varying levels of intensity in terms of damages and malicious activities executed.

“Cyberattackers, particularly those involved in major operations, are mainly motivated by monetary gains and purposes relating to self-infamy. Some are even supported by sovereign entities and other social movements, which explains the source of their resources and their motivations,” explained Kamluk. 

According to Kaspersky Lab, as cybersecurity companies develop their knowledge libraries in combating these APTs and to increase awareness, the effectiveness of such threats diminishes significantly. As a result, malicious agents and entities are expected to evolve and develop alternative means.          

According to another senior security expert, Sergey Lozhkin, Senior Security Researcher, GReAT, Kaspersky Lab, the access to hacking and networks breaching tools is still widely available, despite the exposure and shutting down of the “undernet” or illegal resource site otherwise known as the Dark Web. Illegal hacking tools including hacking codes, data exfiltration viruses as well as Botnets are available on the Dark Web. But due to governmental and law enforcement measures, the more common or unrestricted Dark Web sites have been shut down.

But Lozhkin warned, “The Dark Web is not dead. It is merely re-building”. In his presentation “The Evolution of Ransomware: Dangers of Cryptolockers”, he said that the Dark Web might end up becoming more secure as it is able to deliver two-factor authentication and certificates for access to resource sites. Bitcoin is still the currency of choice on the Dark Web, with hacking tools and botnets available for the right price.

“Novice cybercriminals can purchase botnets and hacking applications for US$5,000, which enables them to accumulate as much as US$25,000 in illegal financial gains in a single day,” said Lozhkin. 

In the future-scape panel discussion by Chief Disruption Officer and Thinker, Hannes Sjoblad and Sergey Lozhkin, the topic of “Bio-Hacking: Securing the Last Line” was discussed. Sjoblad presented the multitudinal benefits of Near Field Communications (NFC) chips embedded into the human body in relaying and exchanging key personal information. This was compared to other forms of bio-personal identification including voice recognition, finger print identification as well as retinal authentication. In explaining the benefits of bio micro-chips, Sjoblad suggested that this technology is expected to grow, building on decade’s long experience in bio-chipping animals and fishes for biological research.

In discussing the potential vulnerabilities this poses, Lozhkin explained that this area requires extensive study and research as it is an inevitable evolution of how humans share and exchange information in the future. “We need to have more robust security protocols and systems to be able to see this technology in wider commercial use,” explained Lozhkin.

With such advances in technological innovations, companies are expected to be ever more vigilant in the fight against cybercrime. Since cyberattacks are nowhere near to being completely eradicated, constant and arduous research are required to be undertaken to safeguard the interests and assets of companies.