Chinese Hacker Groups Shift Focus To India

Chinese advanced persistent threat (APT) groups that have allegedly been creating cyber havoc internationally will shift their focus in 2018 to countries like India and Hong Kong and groups seen as a threat to Beijing's influence over global markets. 

"For Indian enterprises, one of the most important security questions is, do you know who is targeting you and how they operate? The threat landscape looks very different depending on the nature of your business, the data you hold, your relationships, and more," Shrikant Shitole, Senior Director and Country Head for India at FireEye, told news agency IANS.

"Organisations cannot effectively measure their security by compliance standards or vis-a-vis their peers. They must measure it against their adversaries. Can they detect and defend the attacks their adversaries are likely to employ? Most firms are not as secure as they would like to believe." 

For the government and private sector alike, the FireEye executive said, it's important we shore up defences to avoid a situation like Russia's meddling in the recent US presidential election.

"The threat actor activity which facilitates these operations often takes place well before election day, and as we saw in the US, targets can be very diverse. The unfortunate reality today is this is threat with which all democracies must contend," Mr Shitole noted.

In the Indo-Pacific region, FireEye said, China and neighbouring countries are still continuing political disputes, especially with India, South Korea, Japan, the Philippines, Vietnam and other South-east Asian countries.

"Therefore, unorganised 'hacktivism' attacks as a response to these political tensions within and against these countries is expected to continue and possibly rise throughout the new year," the company warned.

According to FireEye, it observed an increase in non-Chinese and non-Russian APT groups in 2017 and expects to discover more in 2018.

"Recently we did a report on APT33, a threat group out of Iran. They're primarily targeting the kingdom of Saudi Arabia, the United States, and Israel. Those nations tend to pop up on Iran's radar when it comes to targeting. It's game on for them," Kevin Mandia, CEO, FireEye, said in a statement.

Ransomware is expected to rise in 2018

Other popular techniques that will continue to be used in 2018 are strategic web compromises and spear phishing, especially in targeted attacks. We also expect to see many more destructive worms and wipers. However, adoption of Cloud technology will increase in 2018, among businesses.

"You have to be ready for even the most seemingly simple threats, and you have to detect them, because I don't believe we're going to be able to do security risk transfer to have the Cloud providers detect it.” Mr Mandia said.

"They can't tell you how your users normally use their email. They just try to make it available to your users. So, we're going to have a lot of interesting challenges and complexities there," he added.

Meanwhile, as cryptocurrency continues to skyrocket in value and popularity, malware targeting anonymous currencies such as bitcoin will increase.

"Moving into 2018, we expect to see much more malware actively stealing cryptocurrency from weakly protected wallets, shimming password entry to wallets, stealing offline wallets for brute forcing or using credentials stolen from the same user," the firm said.

NDTV

You Might Also Read: 

The Differences Between Targeted Attacks and Advanced Persistent Threats:

Cybersecurity Skills Gap in India:

Three Pronged Attack: Chinese Military In Cyberwarfare Buildup:


 

« Intelligent & Autonomous Security Robots
Snowden’s Haven - A New Surveillance App »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Pluralsight

Pluralsight

Pluralsight helps enterprises build technology skills at scale with expert-authored courses on today’s most important technologies including information and cyber security.

CIO

CIO

CIO provides technology and business leaders with insight and analysis on information technology trends

Truth Technologies Inc (TTI)

Truth Technologies Inc (TTI)

TTI is a premier provider of worldwide anti-money laundering, anti-fraud, customer identification, and compliance products and services.

Lutech

Lutech

Lutech is an Italian ICT engineering and services company. Business solution areas include cyber security.

EdgeWave

EdgeWave

EdgeWave provides simple but highly effective data security and advanced threat protection in solutions that are affordable, scalable and easy to use.

Nubo Software

Nubo Software

Nubo’s Virtual Mobile Infrastructure creates a virtual corporate device on your employee smartphones and tablets. Enable unlimited mobility without leaving any data at risk.

Titanium Industrial Security

Titanium Industrial Security

Titanium Industrial Security specializes in advising and accompanying companies on cybersecurity in Connected Industry (Industry 4.0 / Smart Factory / IIoT).

Bottomline Technologies

Bottomline Technologies

Bottomline Technologies is an innovator in business payment automation technology, helping companies make complex business payments simple, smart and secure.

Findcourses.com

Findcourses.com

Findcourses is a dedicated education search engine designed to make it easy for our learners to search and find exactly what they need from our community of trusted training providers.

ShardSecure

ShardSecure

ShardSecure Microshard technology eliminates data sensitivity, providing security, privacy and compliance beyond encryption.

ISMAC

ISMAC

ISMAC was founded to create a security solution that would work for smaller to medium as well as bigger corporations at an affordable price.

3B Data Security

3B Data Security

3B Data Security offer a range of Penetration Testing, Digital Forensics, Incident Response and Data Breach Management Services.

Defentry

Defentry

Defentry have created an Ecosystem that lets our users easily monitor, train and resolve their digital security issues.

Ipstack

Ipstack

Ipstack offers one of the leading IP to geolocation APIs and global IP database services worldwide. Protect your site and web application by detecting proxies, crawlers or tor users at first glance.

Cygna Labs

Cygna Labs

Cygna Labs is a software developer and one of the top three global DDI (DNS, DHCP, and IP address management) vendors.

Irys Technologies

Irys Technologies

Irys Technologies specialize in pioneering digital transformation solutions designed to streamline communications and enhance maintenance and operational efficiency for a variety of sectors.