Breaking
故宮5/26曬書節開跑 打造清明上河圖市集 AUO announces world’s highest resolution and full-color TFT driven micro-LED display technology New incentives for tourists: One-night free hotel accommodation for visitors traveling to Taitung, Tainan, Kaohsiung, Pingtung & Penghu COMPUTEX 2018: InnoVEX features six highlights and explores next blue-ocean opportunities 數位故宮揚名國際!台灣故宮榮獲AAM繆思獎、美國休士頓影展八大獎項 Discounts and free admissions offered to mark International Museum Day in Taiwan Formosa Int’l Hotels Corp announces strategic alliance with InterContinental Hotels Group Bring your cameras: Bigleaf hydrangeas are in season around Taiwan Not dull at all– Britshake offers a very British brunch and afternoon tea Going green in Taipei: Free coffee for cyclists at YouBike stations and free parking for electric scooters Amaroni’s Taipei sets to overturn Taiwan’s Italian tastes with hearty meals Regent Taipei to offer special packages to thank mothers this 2018 Mother’s Day Sowers Action sets fundraising record in Hong Kong’s Charity Golf Tournament — NT$2.6 million for poor children in need of education Cryptojacking tops attack toolkits, signaling massive threat to cyber & personal security Eye On Taiwan Media helps raise funds for Hong Kong’s charity group Sowers Action to aid underprivileged children Fulong International Sand Sculpture Festival: Underground artworks to be unveiled during the journey into the golden sands A better way to eat more vegetables at VEGE CREEK Emerging technologies like 5G, blockchain among key themes in COMPUTEX 2018 World’s third largest FASTENER TAIWAN 2018 sets new milestone Sea of white calla lilies at Taipei’s Zhuzihu promises a relaxing stay for visitors Lextar releases state-of-the-art adaptive driving beam LED headlight module system Acer teams up with major hospitals in Taiwan to provide cloud-based remote healthcare services Hip and trendy choices for the foodie souls along Taipei Metro Blue Line Supply chain hub for functional fashion opens to boost textile industry  Le Meridien Taipei to go dark to shine light on climate change with Earth Hour 2018 Taiwan’s own international music festival Looptopia coming this spring break Gov’t to roll out multi-language interpretation service for tourists Taiwan to take part in Hong Kong International Film & TV Market, film festival Don’t miss out on these newest starred Taipei Michelin restaurants World-class dancing fountain show in Bitan, New Taipei City a feast for the eyes 2018 Taipei International Bakery/Equipment Expo to open in Taipei along with three global competitions Greater Taipei’s new “All-Pass Ticket” offers commuters unlimited rides at NT$1,280 per month or NT$42 per day Looking for good food at reasonable prices? Here’s a full list of Michelin’s Bib Gourmand Selection; Taipei star guide available March 14 Apple snails a treat? Migrant workers contract rat lungworm after eating them uncooked Hong Kong’s designer handbag Chic by R&B sets sights on Taiwan as part of its global development strategy Forecast – Low temperatures around Taiwan later this week, warmer weather expected next Monday Late journalist-diplomat Joe Hung remembered as man of erudition and veracity Come and feast on Dominica’s art, food, jewelry all-in-one at Taipei’s Grand Hotel Million-dollar jobs on offer! Taiwan’s major carrier China Airlines recruiting 100 pilots in 2018 2018 Taiwan Lantern Festival kicks off in Chiayi — largest ever held in Taiwan TRA launches train ticket plus hotel package to boost Hualien tourism after fatal quake TrendForce: Mobile DRAM revenues hit new high of US$8 billion in 4Q17, but expected to grow slower in 1Q18 due to weaker demand Predicted rising price of toilet paper prompts shopping frenzy A pictorial glimpse of the Taipei Lantern Festival Back to work: What’s the best coffee to energize you? Things to do this weekend: Taipei Lantern Festival to kick off with dazzling lighting ceremony in Ximending Acer ITS’ smart parking meter solution takes home ‘Global ICT Excellence Award– Private Sector Excellence’ Taiwan’s Palace Museum tells us how ancient and modern meet Acer win 12 iF Design Awards in 2018 For a Shanghainese Chinese New Year, look no further from Shanghai Pavilion A yummy guide to Kinmen eateries as told by the nostalgic veterans Global smartphone market to remain weak in 2018: TrendForce Mandarin Oriental, Taipei ranked No 1 among top 10 luxury hotels in Taiwan: TripAdvisor Filipino caregiver among 10 people killed by powerful quake in Hualien Rescuers search for survivors as fresh quake rattles eastern Taiwan; 7 killed and 60 missing so far A walk through Dihua New Year Market Gov’t urged to be tough against people misusing boarding passes Blanket of snow covers Taiwan’s high mountains as cold snap kills 49 in a day Contaminated Malaysian durian coffee mix not imported to Taiwan: FDA Regent Taipei to present Japanese Kakiyasu beef; offer customers unique experience of Wagyu 150 local constestants to compete in 2018 Fishackathon Taipei for global final It’s better to walk briskly than aiming for a daily 10,000 steps: expert AIT co-sponsors 2018 Fu-Jen University Jazz Camp in Kinmen, New Taipei City Taiwan’s global trade competitiveness drops for sixth consecutive year: survey Hotels in Taiwan’s beach resort town Kenting see business downturn despite CNY holiday Stay warm: Weeklong cold snap arrives along with rain Tourism Bureau sees productive year ahead after its efforts to assist local industry Jiji railway line in central Taiwan set to be new tourist hotspot Yuck! Beware of the baked goods mixed with rotten eggs Early arrival of cherry blossoms to greet the Yangmingshan Flower Season in Taipei Must-see and must-eat places in “Lesser Kinmen” Kinmen, a sensory paradise for the tastebuds and the eye Strolling with eyes wide open, Kinmen is rich in aesthetic appeal and historical attractions It is all about AI robots: they can play the roles of sex partners and therapy, or cops to tackle crimes Taiwan axes 176 extra Lunar New Year flights from China, 50,000 passengers may be affected Taiwan’s CAL HQ awarded Diamond-rated green building; saves 23,000 kWh of power in 2017  Food safety makes up half of 2017 top ten consumer news: watchdog (Part 2) Dolores O’Riordan, The Cranberries lead singer, dies at 46 Food safety makes up half of 2017 top ten consumer news: watchdog (Part 1) Early arrival of Laomei Green Rock Troughs Cold snap kills close to 300 in Taiwan, warmer weather forecast Celine Dion to give two concerts in Taipei in July as part of her Live 2018 Asian tour Apple’s iOS 11.2.2 may slow iPhone performance by as much as 50% AIT to hold 2018 Fishackathon in Taipei and Kaohsiung for marine conservation 瓦城泰統慈善基金會首推《瓦城孝親獎》力邀孝順家庭典範! Shangri-La’s Far Eastern Plaza Hotel Taipei best choice for biz travelers 雲朗觀光粽夏端午 北中南三間飯店「香」約來放「粽」 雲品溫泉酒店明潭雙寶鹹甜雙享受 飯店泳池龍舟競速 君品酒店廣式裹蒸粽限量開賣 翰品高雄茶樓飄香層次方粽

Cryptojacking tops attack toolkits, signaling massive threat to cyber & personal security

29662992_10155411565032876_1519647262624563503_o.jpg
All photos captured from Symantec’s Facebook

The Eye on Taiwan news staff

Cryptojacking has topped attack toolkits to become a favorite revenue stream for cybercriminals, according to ‘s Internet Security Threat Report.

“Cryptojacking is a rising threat to cyber and personal security,” said Victor Law, chief operating officer of Symantec’s Greater China Region.

“The massive profit incentive puts people, devices, and organizations at risk of unauthorized coin miners siphoning resources from their systems, further motivating criminals to infiltrate everything from home PCs to giant data centers,” he noted.

Symantec’s ISTR provides a comprehensive view of the threat landscape, including insights into global threat activity, cyber criminal trends, and motivations for attackers. The report analyzes data from the Symantec Global Intelligence Network™, the largest civilian threat collection network in the world, records events from 126.5 million attack sensors worldwide, and monitors threat activities in over 157 countries and territories. Key highlights include:

Cryptojacking attacks explode by 8,500%

During the past year, an astronomical rise in cryptocurrency values triggered a cryptojacking gold rush with cybercriminals attempting to cash in on a volatile market. Detections of coin miners on endpoint computers increased by 8,500 percent in 2017. Taiwan ranks 8th in the Asia-Pacific Japan (APJ) region, 28th globally in terms of crypto mining activities.

29571108_10155415415972876_7763015135430666261_n

With a low barrier to entry – only requiring a couple lines of code to operate – cybercriminals are harnessing stolen processing power and cloud CPU usage from consumers and enterprises to mine cryptocurrency. Coin miners can slow devices, overheat batteries, and in some cases, render devices unusable. For enterprise organizations, coin miners can put corporate networks at risk of shutdown and inflate cloud CPU usage, adding cost.

“Now you could be fighting for resources on your phone, computer or IoT device as attacks use them for profit,” said Dragon Chang, Principal Systems Engineer, Taiwan, Symantec, “People need to expand their defenses or they will pay for the price for someone else using their device.”

IoT devices continue to be ripe targets for exploitation. Symantec found a 600 percent increase in overall IoT attacks in 2017, which means that cybercriminals could exploit the connected nature of these devices to mine en masse. Macs are not immune either with Symantec detecting an 80 percent increase in coin mining attacks against Mac OS. By leveraging browser-based attacks, criminals do not need to download malware to a victim’s Mac or PC to carry out cyber attacks.

Majority of targeted attackers use single method to infect victims

The number of targeted attack groups is on the rise with Symantec now tracking 140 organized groups. Last year, 71 percent of all targeted attacks started with spear phishing – the oldest trick in the book – to infect their victims. As targeted attack groups continue to leverage tried and true tactics to infiltrate organizations, the use of zero-day threats is falling out of favor. Only 27 percent of targeted attack groups have been known to use zero-day vulnerabilities at any point in the past.

30581792_10155424792762876_3667398661962203136_o

The security industry has long discussed what type of destruction might be possible with cyber attacks. This conversation has now moved beyond the theoretical, with one in ten targeted attack groups using malware designed to disrupt.

Implanted malware grows by 200%

Symantec identified a 200 percent increase in attackers injecting malware implants into the software supply chain in 2017. That’s equivalent to one attack every month as compared to four attacks the previous year. Hijacking software updates provide attackers with an entry point for compromising well-guarded networks. The Petya outbreak was the most notable example of a supply chain attack. After using Ukrainian accounting software as the point of entry, Petya used a variety of methods to spread laterally across corporate networks to deploy their malicious payload.

 

Threats in the mobile space continue to grow year-over-year, including the number of new mobile malware variants which increased by 54 percent. Symantec blocked an average of 24,000 malicious mobile applications each day last year. As older operating systems continue to be in use, this problem is exacerbated. For example, with the Android operating system, only 20 percent of devices are running the newest version and only 2.3 percent are on the latest minor release.

Mobile users also face privacy risks from grayware apps that aren’t completely malicious but can be troublesome. Symantec found that 63 percent of grayware apps leak the device’s phone number. With grayware increasing by 20 percent in 2017, this isn’t a problem that’s going away.

 

29662745_10155402555177876_7712807725135716399_o

In 2016, the profitability of ransomware led to a crowded market. In 2017, the market made a correction, lowering the average ransom cost to $522 and signaling that ransomware has become a commodity. In 2017, Taiwan ranks sixth in terms of ransomware threats in the APJ region, as compared to 11th 2016.

Many cyber criminals may have shifted their focus to coin mining as an alternative to cashing in while cryptocurrency values are high. Additionally, while the number of ransomware families decreased, the number of ransomware variants increased by 46 percent, indicating that criminal groups are innovating less but are still very productive.

From the experts: security best practices

As attackers evolve, there are many steps businesses can take to protect themselves. As a starting point, Symantec recommends the following best practices.

For businesses:

• Don’t get caught flat-footed: Use advanced threat intelligence solutions to help you find indicators of compromise and respond faster to incidents.

• Prepare for the worst: Incident management ensures your security framework is optimized, measurable and repeatable, and that lessons learned improve your security posture. Consider adding a retainer with a third-party expert to help manage crises.

• Implement a multi-layered defense: Implement a multilayered defense strategy that addresses attack vectors at the gateway, mail server, and endpoint. This also should include two-factor authentication, intrusion detection or protection systems (IPS), website vulnerability malware protection, and web security gateway solutions throughout the network.

• Provide ongoing training about malicious email: Educate employees on the dangers posed by spear-phishing emails and other malicious email attacks, including where to internally report such attempts.

• Monitor your resources: Make sure to monitor your resources and networks for abnormal and suspicious behavior and correlate it with threat intelligence from experts.

30724516_10155440344552876_2718828956814934016_n

For consumers:

• Change the default passwords on your devices and services: Use strong and unique passwords for computers, IoT devices, and Wi-Fi networks. Don’t use common or easily guessable passwords such as “123456” or “password”.

• Keep your operating system and software up to date: Software updates will frequently include patches for newly discovered security vulnerabilities that could be exploited by attackers.

• Be extra careful on email: Email is one of the top infection methods. Delete any suspicious-looking email you receive, especially if they contain links and/or attachments. Be extremely wary of any Microsoft Office email attachment that advises you to enable macros to view its content.

• Back up your files: Backing up your data is the single most effective way of combating a ransomware infection. Attackers can have leverage over their victims by encrypting their files and leaving them inaccessible. If you have backup copies, you can restore your files once the infection has been cleaned up.

 

 

Related articles

NVIDIA unveils powerful GTX 1080

At COMPUTEX on Tuesday, NVIDIA unveiled its GTX 1080, a powerhouse GPU that can be housed in a laptop three times thinner and half the weight of current gaming laptops. Based on Nvidia’s new Max-Q design architecture, the 1080 boasts three times the performance of its predecessor (GTX 880M) and will be available across a variety of computer brands from June 27.

LEAVE A REPLY

%d 位部落客按了讚: