Cyber-espionage will be "very active" this year and will target mobile devices
The National Cryptologic Center remembers that the 'ransomware' was the attack vector that grew the most in 2016
The National Cryptological Center (CCN-CERT) has warned on Thursday with its 'Cyber Threats and Trends Report' that cyber-espionage will remain very active this year 2017, "either as part of the intelligence operations of a State or directed by organized groups that will provide services or will look for information of interest and will be able to sell it ".
"More influence actions are envisaged in decision-making processes and cyber-sabotage within the framework of hybrid operations", he has pointed out as the first of the tendencies to be monitored by his group Ciber-Incident Response Capacity, which managed in 2016 a total of 20,940 notices that were detected "mainly in the public sector and in companies considered of strategic interest for Spain"; This was 14.5% more than in 2015.
Of these, 3.6% were considered by the team of experts of the National Government CERT as very high or critical, depending on the degree of danger determined by the type of threat, origin of the attacker, profile of the victim, number or typology. of the affected systems, impact, inclusion or not in a campaign of greater depth, etc.
According to this report, the 'ransomware' was the attack vector that grew the most during 2016, with about 150,000 cases per month. But it has also been noted that "there are mechanisms of infection without using 'malware', or write (almost) anything on disk for many years." "It will be increasingly common to use 'malware' in" no files "mode executed in memory and looking for its persistence as a task scheduled directly from the registry," he added.
The National Cryptological Center has recalled that "the use of mobile devices in professional environments is becoming more frequent"; and, for that reason, "it is expected that during 2017 cyber-espionage campaigns aimed at these teams will increase and, in particular, the growth of 'ransomware', banking Trojans and remote access and monitoring tools".
"It is likely that 2017 will witness an increase in attacks directly against the technological infrastructures of the electronic payment system, as well as the commercialization of these attacks through Crime-as-a-service services", explained in a note of press broadcast to the media.
These attacks are based on the principle that the aggressor will respect a tacit contract with the victim. However, it has been described as very possible "that cases appear in which, despite having paid the ransom, the encrypted files are not unlocked". "This can lead to a crisis of confidence that leads one to think that" paying the ransom "does not lead to anything, in any case, it will continue to be a very significant threat in 2017, including the Ransomware-as-a-Service". Finally.