Emerging Threats in the APT World: Kaspersky Lab Predictions for 2015

Woburn, MA – December 11, 2014 – The Kaspersky Lab Global Research and Analysis Team (GReAT) today published their predictions of the top emerging threats associated with Advance Persistent Threats (APTs). For several years now, GReAT has shed light on some of the world’s biggest APT campaigns, including RedOctober, Flame, NetTraveler, Miniduke, Epic Turla and Careto/Mask, among others. By closely observing more than 60 threat actors responsible for cyber-attacks worldwide, the team of experts has compiled the following predictions for 2015.

• The fragmentation of bigger APT groups.  A growing number of smaller threat actors are likely to lead to more companies being hit. Larger organizations are expected to experience a greater number of attacks from a wider range of sources.

• APT-style attacks in the cybercriminal world. The days when cybercriminal gangs focused exclusively on stealing money from end users are over. Criminals now attacking the banks directly and moving forward will use APT techniques for these complex attacks.

• Targeting executives through hotel networks. Hotels are perfect for targeting high profile individuals around the world. The Darkhotel group is one of the APT actors known to have targeted specific visitors during their stay in hotels.

• Enhanced evasion techniques. More APT groups will be concerned about exposure and will take more advanced measures to shield themselves from discovery.

• New methods of data exfiltration. In 2015, more groups are expected to use cloud services in order to make exfiltration (the unauthorized transfer of data from a computer) stealthier and harder to detect.

• The use of false flags.  APT groups are expected to exploit government intention to ‘naming and shaming’ suspected attackers by carefully adjusting their operations to plant false flags (that make it appear as if the attack was carried out by another entity).

“If we can call 2014‘sophisticated,’ then the word for 2015 will be ‘elusive.’ We believe that APT groups will evolve to become stealthier and sneakier, in order to better avoid exposure. This year we’ve already discovered APT players using several zero-days, and we’ve observed new persistence and stealth techniques. We have used this to develop and deploy several new defense mechanisms for our users,” comments Costin Raiu, director of GReAT, Kaspersky Lab.

In addition, Kaspersky Lab is today launching an interactive project, the ‘Targeted Cyberattack Logbook.’ This chronicles all the complex cyber-campaigns that have been investigated by GReAT. To explore the logbook, please visit apt.securelist.com

To read about these and more new trends in the APT world, please visit Securelist.com

About Kaspersky Lab
Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its more than 17-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at www.kaspersky.com.

For the latest in-depth information on security threat issues and trends, please visit:

Securelist | Information about Viruses, Hackers and Spam
Follow @Securelist on Twitter

Threatpost | The First Stop for Security News
Follow @Threatpost on Twitter

Media Contact
Sarah Bergeron
781.503.2615
sarah.bergeron@kaspersky.com

* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2013. The rating was published in the IDC report "Worldwide Endpoint Security 2014–2018 Forecast and 2013 Vendor Shares (IDC #250210, August 2014). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2013.