2015 will see sneakier hackers building 'blast ware', framing innocent users: Fortinet

Increasingly proactive hackers will design scorched-earth routines into their malware in 2015 and manipulate evidence to frame innocent parties as they work to cover their tracks in the face of redoubled enforcement efforts, security firm Fortinet has warned.

With global cybercrime enforcement continuing to gain momentum, the company's security experts warned that black-hat hackers are likely to continue exploring new methods of destroying victims' hard drives after sensitive or valuable data has been exfiltrated from the compromised equipment.

This approach was noted by FortiGuard Labs in the latest instantiation of Dorkbot/NGRbot malware, into which hackers built self-checking routines that would wipe out all information on the hard drive if the code was altered.

“This is a direct counter response to the rise of incident response services,” the FortiGuard Labs team warned, noting that the inclusion of data-destroying mechanisms may be designed both as a new form of ransomware, and a way of hindering law-enforcement efforts.

Malicious hackers will also increasingly salt their work with red herrings designed to lead investigators away from them and towards unrelated third parties, the security team warned.

This includes a focus on sandbox evasion – in which malware will be designed to thwart law-enforcement efforts to safely monitor malware's behaviour by running it in isolated virtual machines – and broader efforts such as a focus on quality assurance in which hackers will test, evaluate and refine methods for bypassing particular security threats.

Also weighing heavily on Fortinet's threat horizon is the increasing exposure of the Internet of Things (IoT), which it said will become the 'internet of threats' as hackers “pry open the Internet of Things.”

“Hackers will continue to follow the path of least resistance as more and more devices are connected to the network,” the firm's security experts warned, noting that home automation, security, webcam and other consumer equipment will be targeted alongside business-focused equipment such as network attached storage and routers, supply chain systems, SCADA functionality, and more.

Continued attacks on retail giants are also expected, with the sort of 'denial of revenue' attacks seen in 2014 expanding as hackers “find new loopholes for infiltrating retail and financial systems”. Increasingly ambitious criminals will also extend their efforts to assembly line, factory, ERP systems, healthcare and building management, the firm has predicted – creating “even more challenges in the way of consumer data compromises, revenue losses and reputation damages” for organisations globally.

“Looking forward to 2015, we fully expect this trend to continue in an alarming way as black hat hackers pry open the Internet of Things,” said Derek Manky, global security strategist at Fortinet in a statement.

“As threats move to attack new product and software solutions, organisations are at even greater risk. It is imperative they choose not just a security solution, but a proactive and intelligent solution, to protect them from the broad breadth and depth of growing attacks that firewall solutions alone will not stop.”

This article is brought to you by Enex TestLab, content directors for CSO Australia.
