Tuesday, 14 April 2015 16:52

Symantec says malware more malicious and sophisticated


Symantec has released its Internet Security Threat Report Volume 20 for the 2014 year. Ransomware is up 113%, corporate defences are falling behind as cybercriminals move faster and the weakest link in security is you.

The 119-page ISTR report is heavy going and should be compulsory reading for system administrators and those consumers who have an interest in security. For the rest – I hope this article does it justice.

I spoke at length with Nick Savvides, Information Security Solution Engineer at Symantec, prior to the report’s release.

He said that 2013 was the year of mega breaches – over 552 million identities were exposed, 23 zero-day vulnerabilities discovered, one in eight web sites had a critical vulnerability, a 62% increase in the number of breaches and a 91% increase in targeted attacks.

“2014 will be memorable as the year ransomware increased by 113%, new levels of maliciousness, and increased sophistication as cybercriminals employed faster, highly targeted attacks on business – it’s where the money is,” Nick said.

The report covers six main areas:

  1. Mobile Devices and Internet of Things
  2. Web Threats
  3. Social Media and Scams
  4. Targeted attacks
  5. Data breaches and privacy
  6. E-crime and malware

Its findings come from the Symantec Global Intelligence Network, which comprises 57.6 million attack sensors in 157 countries that receive information from Symantec products and services such as Symantec DeepSight Intelligence, Symantec Managed Security Services, Norton consumer products, and other third-party sources. Spam, phishing, and malware data is captured through sources including the Symantec Probe Network, a system of more than 5 million decoy accounts. In other words, it is accurate.


Rapid attack, slow response

Within hours of the Heartbleed vulnerability exposure, attackers were exploiting it. There were 24 zero-day vulnerabilities (ZDVs) - up one from 2013.

Operating system makers took 204 days, 22 days, and 53 days to provide a patch for the top three most exploited ZDVs – in 2013 it was just four days. Attackers used the top five for a combined 295 days before patches were available.

Attackers more sophisticated – old tactics for defence no longer work

Highly targeted spear-phishing increased and gained a better response with less work. Trojanised software updates aimed at software a company uses became common. Nick explained that attackers now profile targets, find out what software they use, weaponise it, and via spear phishing encourage the company to download updates and infect itself. Device drivers for the Internet of Things (IoT) were a particular target.

These attackers had implemented high levels of surveillance to identify suppliers to targets, gathering public information by web searches, and even employing people to observe and infiltrate the organisation. In many cases, malware was able to enumerate systems and software used within a corporate network.

60% of all targeted attacks struck small and medium-sized organizations that don’t have the resources to invest in security, and many are still not adopting basic best practices like blocking executable files and screensaver email attachments.

Companies are not anticipating attackers’ tactics

While gaining access with employees’ credentials is still a major threat, attackers have upped the bar by building custom attack software inside corporate networks, hijacking companies’ own infrastructure and turning it against them. Traditional protection is not adequate. Five out of every six large companies (2,500+ employees) were targeted with spear-phishing attacks - a 40% increase. Small- and medium-sized business attacks increased 26% and 30%, respectively.

Malware is the new black

More than 317 million new pieces of malware were created – nearly one million new threats each day. The sheer bulk of malware made it impossible to stop it all. For the first time it was seen on Android as well.

The main numerical use of malware was to install crypto-ransomware, which grew 113%. It holds a victim’s files, photos and other digital media hostage. A key to decrypt the files is provided upon payment – usually $300-500 and often in untraceable Bitcoins – and there is no guarantee the key will work.

“Being seventh globally for ransomware is rather disturbing when you think about it,” said Nick Savvides, Symantec security specialist. “I think it speaks to the fact that the attackers go where the money is and Australia’s a fairly wealthy country, so there are a lot of opportunities for the attackers to extract revenue out of this market.”

Cyber-criminals use social networks as a delivery mechanism

70% of social media scams were manually shared. They spread rapidly and are lucrative because people are more likely to click something posted by a friend.

Mobile is ripe for attack

Most users neglect even basic security precautions on their smartphones. 17% of all Android apps (nearly one million total) contained malware – these were not from the Google Play Store but from third-party stores. Grayware apps that track user behaviour accounted for 36% of all mobile apps. iTWire has articles on Android and iOS malware.

84% of mobile vulnerabilities are iOS related and 11% from Android. These threats are lessened by using official app stores and not jailbreaking or rooting the device. They include:

  • Send Content – premium SMS, Spam and SEO Poisoning threats.
  • Adware/Annoyance – advertisement popups and unwanted information.
  • Reconfigure Device – modify user settings and elevate privileges.
  • Traditional Threats – Backdoor Trojans, Downloaders, DDoS utility, Hacktool and Security Alerts.
  • Steal Information – steal device data, media files and any user credentials e.g. Banking Trojan.
  • Track User – spy on users and track user location.

IoT is not immune

Any device attached to the Internet is an IoT device – smartwatches, routers, thermostats, network storage, web cameras and, in business, Point of Sales systems and even ATMs. The potential for cyberattacks against cars and medical equipment should be a concern. For example, 52% of health apps – many of which connect to wearable devices – did not have a privacy policy in place, and 20% sent personal information, logins, and passwords over the wire in clear text. 66% of users were willing to trade their privacy for a free app.

Opinion - The human element

The biggest weakness is not the hardware – that can be protected – but the human that uses it.

Malware requires human interaction – you have to say yes to install it.

Spear-phishing requires you to act on an email by clicking on a link and then installing malware.

Stolen credentials are due to loss of unsecured mobile devices or in some cases to coercion – money is paid to get access. They are also obtained by attackers posing as system administrators and tricking you into revealing logins and passwords – the old ‘Microsoft support’ phone call scam.

The more I spoke to Nick the more I realised that we don’t have an IT driver’s licence, we don’t teach security in schools or tertiary institutions and we are all too trusting. There is no such thing as a free iPad for answering a few questions, weight loss requires a balanced diet and exercise and let’s not get into the pharmaceutical, sex, inheritance, and other scams.

Attackers however are surveilling businesses, workers and their habits. The higher the stakes the easier it is to gather information that can be used to trick you. What if you got an email saying your best friend had died – click here for information? What if you click on a cute puppy picture and have to say “Yes” to view it? What if an SMS comes from a colleague with a link to click to get work instructions? These are all real ways to get malware.

Wise up please. The more I research security the more I realise security breaches are preventable with common sense. Australians are famous for the ‘She’ll be right – can’t happen to me’ attitude – well have I got a deal for you!



Ray Shaw


Ray Shaw has had a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!
