2014: the year of large-scale targets
The major cyberattack on Sony Pictures, along with headline threats such as Heartbleed and Shellshock, helped make 2014 one of the biggest years on record for cyber security, according to Trend Micro’s annual security round-up report.
The report, entitled “Magnified Losses, Amplified Need for Cyber-Attack Preparedness”, said that the attack cost Sony around $100m and compromised around 100 terabytes of data, making it the most prolific in a chequered year for the security industry.
Looking ahead
“The past year was unprecedented in terms of the size and scope of cyber-attacks as evidenced by the Sony situation,” said Dhanya Thakkar, Managing Director, India & SEA, Trend Micro. “Unfortunately, this will most likely be a ‘sneak peek’ of what is to come.”
The report stated that 2014 saw a switch to “quality over quantity” by hackers, as cyberattacks became increasingly complex in order to evade detection.
Quality over quantity was a resounding theme in the 2014 threat landscape, reflected in part by the overall volume of malicious components we identified and blocked throughout the year.
Web threats largely remained multicomponent in nature. However, as security events proved, attackers continued to fine-tune their strategies, even if these were not original, to obtain not just more victims but more desirable ones.
The report’s findings also confirmed Trend Micro’s late 2013 prediction that one sizable data breach would occur every month – further emphasising the need for organisations to protect their networks and implement intrusion detection.
All of the reports on who was responsible for the Sony Pictures hack have so far been inconclusive. Some believe it was an insider job akin to the Amtrak incident, motivated by reasons like money, ideology, coercion, or ego. Others, meanwhile, chose to lay the blame on hacktivists. At the end of the day, though, it does not matter who was at fault. Had the conglomerate learned from past incidents and protected its network from possible intrusions, it could have spared itself from this situation. Even if the truth about how hackers breached Sony Pictures’s defenses remains unknown, our own analysis of WIPALL, the destructive malware the FBI warned businesses against following the Sony Pictures hack, revealed it was not as sophisticated as other classes of malware, the likes of STUXNET. However, there may be other components of the attack not made public.
For Sony, custom defense could have given security defenders a means to detect an intrusion early on, as files are being accessed and deleted or sent outside the network. To do that, though, they should first know their baseline. They should know how their networks are configured and what the systems that comprise them contain, so they can spot irregularities or clues of lateral movement.