Trend Micro Q1 2015 Roundup Finds New Variations on Proven Attack Methods

iOS, Adobe, PoS targeted by malware, zero-day exploits

OTTAWA, May 20, 2015 /CNW/ - A combination of newer and older threat variations defined the cybersecurity landscape in the first quarter of 2015. Malvertising, zero-day vulnerability exploitation, "old-school" macro malware and the decade-old FREAK vulnerability are just a few of the highlights in Trend Micro Incorporated's (TYO: 4704; TSE: 4704) new report, "Bad Ads and Zero-Days: Reemerging Threats Challenge Trust in Supply Chains and Best Practices." The report reinforces how complacency can present major cybersecurity risks in an era where the margin for error has been significantly diminished.

Adware also topped the list of mobile threats, with Trend Micro now documenting more than five million Android threats to date — nearing the predicted total of eight million by the close of 2015. In fact, top malicious and high-risk apps blocked by Trend Micro were adware related, reflecting this increase. Trend Micro researchers also found zero-day exploits targeting Adobe software utilized malvertisements and no longer required victims to visit or interact with malicious sites to become infected.

At the same time, iOS™ and point-of-sale (PoS) systems continue to be targeted. Since exploitations in these areas have been in their infancy for several years, researchers believe this rise is primarily due to a lack of preparedness—a sizable oversight that should be addressed.

"The question we have to ask is: 'Are we doing enough to protect ourselves from security threats'?" said Trend Micro CTO Raimund Genes. "While we need to constantly update our systems to protect against new attacks, the first quarter of 2015 clearly showed we need to also watch for older threats."

Canadian specific datapoints:

Malware-Related Data

• Canada was in the top 10 countries affected by ransom ware, earning the 9^th place with 2% of all infections.
• Canada was among the top countries that posted the highest number of PoS RAM Scraper Infections in the first quarter of 2015. It placed 7^th in the top ten affected countries, with 4% of the total number of infections.
• Canada was one of the countries most affected by exploit-kit related attacks, with 1% of the total percentage.
• Canada has 2% of all malware detections worldwide.

Web-Related Data

• Canada ranks 9^th among the countries that posted the highest number of users who clicked malicious URLs in the 1^st quarter of 2015. Based on our data, Canada hosts 0.34% of malicious URLs.
• Canada is also included among the countries with the highest number of C&C server connections in 1Q 2015, ranking 7^th. 

Spam-Related Data

• Canada hosts 1% of all spam-sending IPs worldwide

Overall Report highlights include:

• Old Threats Invigorated with New Targeted Attack Tools, Tactics and Procedures: Rocket Kitten and those behind Operation Pawn Storm set their sights on new targets, proving that targeted attacks are evolving.
  
  
• Exploit Kits Grew in Sophistication: Exploit kits constantly add new exploits to their arsenals, adding to their allure to expert and novice attackers.
  
  
• Crypto-Ransomware Volume Soared, Expands to Enterprises: Crypto-ransomware expanded their target base to enterprise users, no longer exclusively pursuing consumers.
  
  
• Macro Malware, Old but Still Effective: The resurgence of macro malware suggest cybercriminals are taking advantage of user security complacency, through reliance on Microsoft Office^® defaults.
  
  
• Decade-Old FREAK Security Flaw Brought on Patch Management Challenges: As more vulnerabilities emerge in open source OSs and applications, IT administrators will find it increasingly difficult to mitigate risks.

For the complete report, please visit: http://www.trendmicro.com/vinfo/us/security/roundup/

A blog post regarding the report can be viewed here: http://blog.trendmicro.com/1q-2015-security-roundup/

About Trend Micro
Trend Micro Incorporated, a global leader in security software, strives to make the world safe for exchanging digital information. Built on 26 years of experience, our solutions for consumers, businesses and governments provide layered data security to protect information on mobile devices, endpoints, gateways, servers and the cloud. Trend Micro enables the smart protection of information, with innovative security technology that is simple to deploy and manage, and fits an evolving ecosystem. All of our solutions are powered by cloud-based global threat intelligence, the Trend Micro™ Smart Protection Network™ infrastructure, and are supported by more than 1,200 threat experts around the globe.  For more information, visit TrendMicro.com.

SOURCE Trend Micro Canada

Media Inquires: Claire M. Tallarico 416 616 9940