Kaspersky Lab Finds the Number of Corporate Sector Targets in 2014 Has More Than Doubled Since 2013

Woburn, MA – December 9, 2014 – Kaspersky Lab has published a complete review of the top key events that defined the threat landscape in 2014. The Company found that the number of victims affected by targeted attacks in 2014 is 2.4 times that of 2013.

Among a range of security incidents, targeted attacks and malicious campaigns stood out, particularly in terms of their scale and impact on businesses, governments, public and private institutions. Over the last 12 months, the Company’s Global Research and Analysis Team (GReAT) has reported on seven advanced persistent cyber-attack campaigns (APTs). These APTs accounted for more than 4,400 corporate sector targets in at least 55 countries worldwide. This year also saw a number of fraud campaigns that resulted in losses totaling millions of dollars.

Cyberespionage

In 2014, organizations in at least 20 sectors were hit by advanced threat actors. The sectors include the public sector (government and diplomatic offices), energy, research, industrial, manufacturing, health, construction, telecoms, IT, private sector, military, airspace, finance and media, among others.

In addition, cyberespionage actors stole passwords, files and audio-streamed content, took screenshots, intercepted geolocation information, controlled web cameras, and more. It is likely that in several cases these attacks were performed by state-sponsored threat actors, for example the Mask/Careto and Regin campaigns. Others are likely to have been the result of professional cyber crews organizing attacks-as-a-service, for example, HackingTeam 2.0, Darkhotel, CosmicDuke, Epic Turla, and Crouching Yeti.

Regin is the first ever cyber-attack platform known to penetrate and monitor GSM networks in addition to other standard spying tasks. Darkhotel targeted C-suite victims, including CEOs, Senior Vice Presidents, Sales and Marketing Directors when they stayed at various luxury hotels worldwide, hunting for sensitive information on connected equipment. These two threat actors have been in operation for a decade, making them among the oldest APTs.

“Targeted operations could mean disaster for the victim: resulting in the leak of sensitive information such as intellectual property, compromised corporate networks, interrupted business processes, and the wiping of data. There are tens of scenarios that all end up with the same impact: the loss of influence, reputation and money,” said Alex Gostev, chief security expert at the Global Research and Analysis Team, Kaspersky Lab.

Fraud operations

In June 2014, GReAT reported research into an attack on the clients of a large European bank. The attack had resulted in the theft of half a million Euros in just one week. Four months later in October, GReAT experts published the results of a forensic investigation into a new direct attack on ATMs in Asia, Europe and Latin America. Millions of dollars were stolen from ATMs worldwide without the attackers requiring access to credit cards.

In the forecast for the next year, Kaspersky Lab experts expect to see further evolution of these ATM attacks, where APT techniques are used to gain access to the ‘brain’ of cash machines. The next stage will see attackers compromising the networks of banks and using that level of access to manipulate ATM machines in real-time.

To watch Kaspersky Lab's video “Game of cyber-thrones: attacks on the corporate sector and business executives in 2014”, please click here.

To read more about key events that have defined the threat landscape in 2014, please read the full report on the Securelist website.

Kaspersky Lab’s Predictions for 2015 are available here, Statistics for 2014 are available here and a video about consumer threats in 2014 is available here.

About Kaspersky Lab
Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its more than 17-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at www.kaspersky.com.

For the latest in-depth information on security threat issues and trends, please visit:

Securelist | Information about Viruses, Hackers and Spam
Follow @Securelist on Twitter

Threatpost | The First Stop for Security News
Follow @Threatpost on Twitter

Media Contact
Sarah Bergeron
781.503.2615
sarah.bergeron@kaspersky.com

* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2013. The rating was published in the IDC report "Worldwide Endpoint Security 2014–2018 Forecast and 2013 Vendor Shares (IDC #250210, August 2014). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2013.