Chinese Hacker Groups Shift Focus To India

Chinese advanced persistent threat (APT) groups that have allegedly been creating cyber havoc internationally will shift their focus in 2018 to countries like India and Hong Kong and groups seen as a threat to Beijing's influence over global markets. 

"For Indian enterprises, one of the most important security questions is, do you know who is targeting you and how they operate? The threat landscape looks very different depending on the nature of your business, the data you hold, your relationships, and more," Shrikant Shitole, Senior Director and Country Head for India at FireEye, told news agency IANS.

"Organisations cannot effectively measure their security by compliance standards or vis-a-vis their peers. They must measure it against their adversaries. Can they detect and defend the attacks their adversaries are likely to employ? Most firms are not as secure as they would like to believe." 

For the government and private sector alike, the FireEye executive said, it's important we shore up defences to avoid a situation like Russia's meddling in the recent US presidential election.

"The threat actor activity which facilitates these operations often takes place well before election day, and as we saw in the US, targets can be very diverse. The unfortunate reality today is this is a threat with which all democracies must contend," Mr Shitole noted.

In the Indo-Pacific region, FireEye said, China's political disputes with neighbouring countries are continuing, especially with India, South Korea, Japan, the Philippines, Vietnam and other South-east Asian countries.

"Therefore, unorganised 'hacktivism' attacks as a response to these political tensions within and against these countries are expected to continue and possibly rise throughout the new year," the company warned.

FireEye said it observed an increase in non-Chinese and non-Russian APT groups in 2017 and expects to discover more in 2018.

"Recently we did a report on APT33, a threat group out of Iran. They're primarily targeting the kingdom of Saudi Arabia, the United States, and Israel. Those nations tend to pop up on Iran's radar when it comes to targeting. It's game on for them," Kevin Mandia, CEO, FireEye, said in a statement.

Ransomware is expected to rise in 2018

Other popular techniques that will continue to be used in 2018 are strategic web compromises and spear phishing, especially in targeted attacks. We also expect to see many more destructive worms and wipers. However, adoption of Cloud technology among businesses will increase in 2018.

"You have to be ready for even the most seemingly simple threats, and you have to detect them, because I don't believe we're going to be able to do security risk transfer to have the Cloud providers detect it," Mr Mandia said.

"They can't tell you how your users normally use their email. They just try to make it available to your users. So, we're going to have a lot of interesting challenges and complexities there," he added.

Meanwhile, as cryptocurrency continues to skyrocket in value and popularity, malware targeting anonymous currencies such as bitcoin will increase.

"Moving into 2018, we expect to see much more malware actively stealing cryptocurrency from weakly protected wallets, shimming password entry to wallets, stealing offline wallets for brute forcing or using credentials stolen from the same user," the firm said.

NDTV
