Nigeria: Kaspersky Lab has seen a strong growth in detected threats in African countries, including Nigeria
For Kaspersky Lab, the overriding trend in 2015 globally has been increased complexity in cyber-attacks
LAGOS, Nigeria, December 10, 2015 – In 2015, the word “cyber-security” became trendy globally. Perhaps for the first time in history, issues relating to the security of the Internet and the protection of internal networks were discussed by, and became relevant to every sector of the economy as well as everyday life: from finance, manufacturing/industrial, automotive and aircraft to wearable devices, healthcare, dating services and more.
2015 saw near-exponential growth in all areas related to cyber-security. In fact, Kaspersky Lab (http://www.Kaspersky.co.za) has seen a strong growth in detected threats in African countries, including Nigeria. Says Dirk Kollberg, Senior Security Researcher, Global Research & Analysis Team at Kaspersky Lab; “The continued increase in threats and cyber- security matters certainly shows that African countries are a growing target for cybercrime, and as a result, countries like Nigeria need to pay attention to this reality and the future trends and predictions in this space.”
Cyber-activity during 2015 is described (https://securelist.com/analysis/kaspersky-security-bulletin/68117/kaspersky-security-bulletin-2014-a-look-into-the-apt-crystal-ball) by Kaspersky Lab’s Global Research and Analysis Team (GReAT) as “elusive”: full of cyber-criminals that are proving hard to catch, cyber-espionage actors that are even harder to attribute, and with privacy often the most elusive of all. Cyber-attacks have achieved the impossible: they have thinned the walls of bedrooms and offices around the world.
“Select any economic sector at random, and the chances are high that you’ll find something in the media about a cyber-security incident or problem. The same goes for all aspects of everyday life. This year’s cyber-events have resulted in a sharp increase in interest, not only in the world’s media but also in the entertainment industry. Movies and television programmes featuring cyber-security issues sometimes resulted in experts appearing as themselves. However, in addition to the positive changes of increased public awareness of risk and how to avoid it, 2015 also resulted in some negative outcomes. Unfortunately, for many, cyber-security has become linked to terrorism. Today, attacking and defending internal and external networks, such as the Internet, are subjects of considerable interest to various illegal groups,” continues Kollberg.
Kaspersky Lab: predicting the future:
The evolution of malware techniques. In 2015, GReAT discovered previously unseen methods used by the Equation (https://securelist.com/blog/research/68750/equation-the-death-star-of-malware-galaxy) group, whose malware can modify the firmware of hard drives, and by Duqu 2.0 (https://securelist.com/blog/research/70504/the-mystery-of-duqu-2-0-a-sophisticated-cyberespionage-actor-returns), whose infections make no changes to the disk or system settings, leaving almost no traces in the system. These two cyber-espionage campaigns surpassed anything known to date in terms of complexity and the sophistication of techniques.
What Kaspersky Lab’s GReAT didn’t anticipate was that in 2015 we’d see wars between APTs. In 2015, Kaspersky Lab recorded a rare and unusual example of one cybercriminal attacking another. In 2014, Hellsing (https://apt.securelist.com/#secondPage/attack=34), a small and technically unremarkable cyberespionage group targeting mostly government and diplomatic organisations in Asia, was subjected to a spear-phishing attack by another threat actor, Naikon (https://apt.securelist.com/#secondPage/attack=36), and decided to strike back. Kaspersky Lab believes that this could mark the emergence of a new trend in criminal cyber-activity: the APT wars.
In total, Kaspersky Lab’s Global Research and Analysis Team issued 14 public reports on APT attacks in 2015: Duqu 2.0, Darkhotel – part 2 (https://securelist.com/blog/research/70504/the-mystery-of-duqu-2-0-a-sophisticated-cyberespionage-actor-returns), Naikon (https://securelist.com/analysis/publications/69953/the-naikon-apt), MsnMM Campaigns (https://securelist.com/blog/research/70029/the-naikon-apt-and-the-msnmm-campaigns), Satellite Turla (https://securelist.com/blog/research/72081/satellite-turla-apt-command-and-control-in-the-sky), Wild Neutron (https://securelist.com/blog/research/71275/wild-neutron-economic-espionage-threat-actor-returns-with-new-tricks), Equation (https://securelist.com/blog/research/68750/equation-the-death-star-of-malware-galaxy), Blue Termite (https://securelist.com/blog/research/71876/new-activity-of-the-blue-termite-apt), Hellsing (https://securelist.com/analysis/publications/69567/the-chronicles-of-the-hellsing-apt-the-empire-strikes-back), Carbanak (https://securelist.com/blog/research/68732/the-great-bank-robbery-the-carbanak-apt),Desert Falcons (https://securelist.com/blog/research/68817/the-desert-falcons-targeted-attacks), Animal Farm, Spring (https://securelist.com/blog/research/69114/animals-in-the-apt-farm) Dragon (https://securelist.com/blog/research/70726/the-spring-dragon-apt) and Sofacy. These advanced actors “speak” different languages: traces hidden in the APTs were in
and French (https://apt.securelist.com/#secondPage/attack=33). They targeted financial institutions, government, military and diplomatic organisations, telecommunications companies and energy firms, political activists and leaders, mass media, private business and more. The attacks were all global.
About Kaspersky Lab: