Cyber crooks target 'untapped potential'

Read time 2min 10sec
Crypto currency users and point-of-sale systems are top targets for cyber criminals, says Trend Micro.
Crypto currency users and point-of-sale systems are top targets for cyber criminals, says Trend Micro.

Cyber criminals have targeted places with "untapped potential" and transformed them into lucrative sources of money, according to Trend Micro's security round-up for the first quarter.

The report notes Bitcoin exchange hacks and point-of-sale (POS) terminal attacks have been the most notable threats observed throughout the quarter. Highlighting the Mt. Gox security breach as an example, Trend Micro says Bitcoins have "matured as a currency", resulting in more attention from cyber criminals.

Growing threats include wallet-stealing malware that targets Bitcoin traders. One of the latest versions, named Kagecoin, first emerged in March and infects Android devices in order to steal the currency.

Dr Neil Croft, owner of Mahala Mobile and founder of local crypto currency Madibacoin, says Bitcoin's popularity was always likely to result in people devising means to steal coins. "People have used approaches to get any device with computing power to contribute to their mining pools through compromised networks, Web sites, and mobile apps."

Meanwhile, POS systems are being exploited by attackers to gain credit card details and other personal data. "Throughout the first three months of this year, we saw how unusual attack targets ? POS terminals ? and oft-overlooked tools with regard to security proved attack-worthy," says the security round-up report.

Trend Micro notes attackers targeting servers use their update mechanisms that allow them to deploy malware to connected POS devices in order to steal customer information.

Attitude adjustment

Beza Belayneh, CEO of the SA Centre for Information Security, says all companies need a robust approach to cyber security measures as attacks become more innovative. He says "traditional targets", such as financial institutions and retailers, are usually the most aware of threats and have "built capabilities to withstand sustained attacks".

Belayneh says weak links will be exploited by attackers, regardless of the type of institution.

ITWeb Security Summit 2014

The tailored tracks at the ITWeb Security Summit 2014 cover a wide range of topics, empowering information security professionals to select sessions of particular relevance to their roles within the enterprise. ITWeb Security Summit 2014 takes place from 27 to 29 May at the Sandton Convention Centre. Book your spot now.

Trend Micro's security round-up notes that other trends include mobile malware and "high-risk apps", which grew to around two million in the first quarter.

It also says many online shoppers fell victim to cyber crime at the start of the year, as the holiday season drew to a close, while "targeted attacks", such as the high-profile breaches at US-based retailer Target, remain a threat.

Login with