table the battle between those wanting to create

    
    

 

    
    

 

 

table of contents

1.0 Executive Summary…………………………………………………………………………………
2

2.0 Scammers will continue to run profitable ransomware scams…………………
3

2.1 Description of Threat

2.2 Nature of
Threat

2.3 Mitigation
of Threat

2.4 Conclusion

3.0 2. Distributed denial-of-service (DDoS) will
continue to rise as a threat…. 4

3.1 Description
of Threat

3.2 Nature of
Threat

3.3 Mitigation
of Threat

3.4 Conclusion

4.0 Text
References

 

1.0 Executive Summary

In this
report, I will be writing about the internet security threats listed under the
“The Threat Landscape in 2014 and Beyond: Symantec and Norton Predictions for
2015, Asia Pacific & Japan”

Over the
years the battle between those wanting to create new threats and exploit
vulnerabilities and those that want to protect against them are very likely to
intensify. Growth in the Internet of Things means consumers will be more
connected—and with this connectivity comes the potential for even more security
risks.

Will the
Internet of Things invite a whole new wave of security attacks?

The two threats
I have chosen to write about are;

1.                 
Scammers
will continue to run profitable ransomware scams.

Why this is so being attackers
have developed their techniques while enterprises in all sectors have failed to
patch out critical security loopholes. So many businesses are susceptible because they’ve failed to implement
the crucial security precautions, including offline backups. Everyone moved
away from offline backups with it being slow and such. Nowadays, with cloud and
online backups, people have totally neglected it. Therefore, if your PC is caught,
what other choice do users have but to pay the ransom to get back control over his
system.

 

2.                 
Distributed
denial-of-service (DDoS) will continue to rise as a threat.

Once the realm of bored
teenagers engaging in some wanton cybervandalism, they are now a favourite tool
of career cybercriminals, hacktivists, and even nation states.

With the availability of
ready to use DDoS tools that can be found online it’s no surprise that DDoS is
so popular and widely executed.

The advancement of the Internet of
Things is making millions of poorly secured devices available to be roped into
botnets too.

 

2.0 Threat one: Scammers
will continue to run profitable ransomware scams.

 

2.1 Description of Threat

According to
Symantec’s Internet Security Threat Report, ransomware attacks grew by 500% and
turned vile in the latter part of 2013. This growth was largely due to the
success of Ransom crypt, commonly known as Crypto locker. This aggressive form
of ransomware made up 55 percent of all ransomware in the month of October
alone.

How this
threat works is by encrypting a user’s files and then proceed to request a
ransom for the files to be unencrypted and returned to the user. Ransomware
causes even more damage to businesses where not only the victims’ files are
encrypted but also files on shared or attached network drives. Recently
ransomware makers have started leveraging using online and electronic payment
systems such as Bitcoins, Webmoney, Ukash, to get around the challenge of people
not being to pay for ransom fee. Crooks like the relative anonymity and
convenience of electronic payments and these are already readily available, even
more so with the growth of the IOT posing a greater risk for enterprises and
consumers from losing data, files or memories.

 

2.2 Nature
of Threat

First, what is
ransomware? Ransomware is a type of malicious software that inhibits user
access to files or systems, holding files or entire devices hostage using
encryption until the victim pays a ransom in exchange for a decryption key, which
gives the user access back to the files or systems encrypted by the program.

Ransomware
has been an outstanding threat to enterprises, SMBs, and individuals alike
since the mid-2000s. In fact, there were more than 7,600 ransomware attacks
reported to the Internet Crime Complaint Centre (IC3) between 2005 and March of
last year, outnumbering the just over 6,000 data breaches reported during the
same time. In 2015, IC3 received 2,453 ransomware complaints that cost victims
over $1.6 million.

The first
known attack was initiated in 1989 by Joseph Popp, PhD, an AIDS researcher, who
carried out the attack by distributing 20,000 floppy disks to AIDS researchers,
claiming that the disks contained a program that analysed an individual’s risk
of acquiring AIDS using a questionnaire. However, the disk also contained a
malware program that initially remained dormant in computers, only activating
after a computer was powered on 90 times. After the 90-start threshold was
reached, the malware activated and a message demanding a payment of $189 and
$378 for a software lease. This ransomware attack became known as the AIDS
Trojan, or the PC Cyborg.