AppRiver predicts 2015 threat landscape

AppRiver - a leading provider of email messaging and Web security solutions, has issued its predictions for the coming year. Its team of analysts have used indicators gathered from analysis of recent malware developments and criminal activity to determine how the threat landscape will evolve in the near future.

  • Monday, 5th January 2015 Posted 10 years ago in by Phil Alsop


It predicts that:

The bevy of 2014 breaches, and the abundance of credit card and other personal information obtained from them, will lead to an increase in spear-phishing and other more targeted attacks in 2015.

Point-of-Sale Malware will continue to disrupt big box stores, retailers and restaurants.

The uptick in critical vulnerabilities seen in the last few months will continue as further unexposed weaknesses in widely used platforms and protocols will continue to be a goal for attackers.

Speaking about these predictions, AppRiver’s senior security analyst – Fred Touchette, said, “So much private personal information exists on the cyber underground now that criminals will be able to put together very specific personal profiles of their targets thanks to these breaches and coupled with further information gleaned from social media. Recent highly effective social engineering ploys, such as those utilised in Ransomware, will continue to terrorize businesses and, while the criminals may begin to get away with less money through awareness and proper backup procedures by the intended targets, there will still be plenty of unsuspecting victims whose data will be at risk and likely compromised, still costing the business itself.”

Speaking about POS malware, Troy Gill - manager of security research for AppRiver adds, “These programs are often simple in design and have one job - to siphon credit card and account information from transactions as they happen. The seemingly simple nature of how they make their way into systems is troublesome and is a sure sign that these systems will continue to be major targets throughout 2015.”

Other areas where AppRiver’s security analysts voice concerns are: the widening use of individual cloud storage services posing a greater risk to personal, as well as professional targets, as company documents and data comingle with personal files in the cloud; increasingly sophisticated malware will continue to defeat detection by hiding in common services and using non-traditional forms of communication such as TOR or Peer to Peer; and acts of cyber aggression will continue between many nation states including the U.S. and China, as well as remain a tool of warring nations.

However, it’s not all doom as it also believes mobile payment systems will work aggressively to make digital payments through services such as ApplePay, Google Wallet and CurrentC far more secure.

That said, Jon French – security analyst at AppRiver concludes, “Vendors have been trying hard to change the way we make transactions - with features such as Near Field Communication and virtual wallets in our mobile devices. Unfortunately its early adoption has left a bit too much to be desired, thanks to security issues, so we can expect mobile payment systems and its architectures as a highly likely target of attack.”