McAfee Labs Threats Report: August 2015

In the McAfee Labs Threats Report: August 2015, published today, we discuss three key topics:

  • A retrospective look at the changes in cyberthreats and cybersecurity since Intel announced the acquisition of McAfee five years ago.
  • The specific tactics and techniques used by attackers to surreptitiously exfiltrate data.
  • An examination of GPU attacks and what might be possible today.

Intel + McAfee: A five-year retrospective

August marks the fifth anniversary of Intel’s announcement that it would buy McAfee. Since that time, much has changed in the cybersecurity world. For this retrospective, we brought together a dozen thought leaders from Intel and McAfee who have been here since before the acquisition to explain how the cybersecurity marketplace and our work together have evolved.

We discuss the evolution in our thinking about security in silicon, our views at the time about the “perfect storm” approaching in the cybersecurity world and how that storm has played out, the challenges we saw in emerging hard-to-detect attacks, and our 2010 expectations for new device types vs. the reality of the marketplace. We also discuss some of the things that surprised us, most notably the transformation of cybercrime into a full-fledged industry.

Data exfiltration: An important step in the cyberthief’s journey

The last 10 years have produced a monumental increase in the number of major data breaches and the volume of records stolen, from T.J. Maxx’s 2007 breach of 94 million records to this year’s theft of 80 million Anthem patient records. This key topic focuses on an important step in the data theft process: data exfiltration. It is the way in which a cyberthief copies or moves data from the owner’s network to one the thief controls. We examine attacker types, their motivations, and their likely targets; the methods and mechanisms they use to steal data; and policies businesses should embrace to better detect exfiltration.

Those interested in what security professionals have to say about top data exfiltration categories and techniques, their major concerns about data loss, and popular tools companies use to prevent data exfiltration can attend a webinar on September 16, where we will present findings from a recent CISO survey on this topic.

GPU malware: Separating fact from fiction

Malware attacks on graphics processing units (GPUs) have been around for years. In fact, GPU malware has been active in the wild for at least four years in the form of Bitcoin-mining Trojans that leverage GPU performance to increase the payout from each victim’s infected system.

Recently, a group published three proof-of-concept projects that together claim to use GPUs as an instrument of evasion by running code and storing data on GPUs—where no one is looking. In this key topic, we break down the projects’ claims into their components to establish what might be possible through the use of these software modules.

For more information on these and other topics, read the McAfee Labs Threats Report: August 2015.