Tuesday, 14 April 2015 16:52

Symantec says malware more malicious and sophisticated

By Ray Shaw

Symantec has released its Internet Security Threat Report Volume 20 for the 2014 year. Ransomware is up 113%, corporate defences are falling behind as cybercriminals move faster and the weakest link in security is you.

The 119-page ISTR report is heavy going and should be compulsory reading for system administrators and those consumers who have an interest in security. For the rest – I hope this article does it justice.

I spoke at length with Nick Savvides, Information Security Solution Engineer at Symantec, prior to the report’s release.

He said that 2013 was the year of mega breaches – over 552 million identities were exposed, 23 zero-day vulnerabilities were discovered, one in eight web sites had a critical vulnerability, and there was a 62% increase in the number of breaches and a 91% increase in targeted attacks.

“2014 will be memorable as the year ransomware increased by 113%, new levels of maliciousness, and increased sophistication as cybercriminals employed faster, highly targeted attacks on business – it’s where the money is,” Nick said.

The report covers six main areas:

  1. Mobile Devices and Internet of Things
  2. Web Threats
  3. Social Media and Scams
  4. Targeted attacks
  5. Data breaches and privacy
  6. E-crime and malware

Its findings come from the Symantec Global Intelligence Network, which comprises 57.6 million attack sensors in 157 countries that receive information from Symantec products and services such as Symantec DeepSight Intelligence, Symantec Managed Security Services, Norton consumer products, and other third-party sources. Spam, phishing, and malware data is captured through sources including the Symantec Probe Network, a system of more than 5 million decoy accounts. In other words, it is accurate.

MAIN FINDINGS

Rapid attack, slow response

Within hours of the Heartbleed vulnerability exposure, attackers were exploiting it. There were 24 zero-day vulnerabilities (ZDVs) - up one from 2013.

Operating system makers took 204 days, 22 days, and 53 days to provide a patch for the top three most exploited ZDVs – in 2013 it was just four days. Attackers used the top five for a combined 295 days before patches were available.

Attackers more sophisticated – old tactics for defence no longer work

Highly targeted spear-phishing increased and gained a better response with less work. Trojanised software updates aimed at software a company uses became common. Nick explained that attackers now profile targets, find out what software they use, weaponise it, and via spear-phishing encourage the company to download updates and infect itself. Device drivers for the Internet of Things (IoT) were a particular target.

These attackers had implemented high levels of surveillance to identify suppliers to targets, gathering public information by web searches, and even employing people to observe and infiltrate the organisation. In many cases, malware was able to enumerate systems and software used within a corporate network.

60% of all targeted attacks struck small and medium-sized organizations that don’t have the resources to invest in security, and many are still not adopting basic best practices like blocking executable files and screensaver email attachments.

Companies are not anticipating attackers’ tactics

While gaining access with employees’ credentials is still a major threat, attackers have upped the bar by building custom attack software inside corporate networks by hijacking companies’ own infrastructure and turning it against them. Traditional protection is not adequate. Five out of every six large companies (2,500+ employees) were targeted with spear-phishing attacks – a 40% increase. Small- and medium-sized business attacks increased 26% and 30%, respectively.

Malware is the new black

More than 317 million new pieces of malware were created – nearly one million new threats each day. The sheer bulk of malware made it impossible to stop it all. For the first time it was seen on Android as well.

The main numerical use of malware was to install crypto-ransomware, which grew 113%. It holds a victim’s files, photos and other digital media hostage. A key is provided upon payment – usually $300-500 and often in untraceable Bitcoins – to decrypt files, and there is no guarantee the key will work.

“Being seventh globally for ransomware is rather disturbing when you think about it,” said Nick Savvides, Symantec security specialist. “I think it speaks to the fact that the attackers go where the money is and Australia’s a fairly wealthy country, so there are a lot of opportunities for the attackers to extract revenue out of this market.”

Cyber-criminals use social networks as a delivery mechanism

70% of social media scams were manually shared. They spread rapidly and are lucrative because people are more likely to click something posted by a friend.

Mobile is ripe for attack

Most users neglect even basic security precautions on their smartphones. 17% of all Android apps (nearly one million total) contained malware – these were not from the Google Play Store but from third-party stores. Grayware apps, which track user behaviour, accounted for 36% of all mobile apps. iTWire has articles on Android and iOS malware.

84% of mobile vulnerabilities are iOS related and 11% from Android. These threats are lessened by using official app stores and not jailbreaking or rooting the device. They include:

  • Send Content – premium SMS, spam and SEO poisoning threats.
  • Adware/Annoyance – advertisement popups and unwanted information.
  • Reconfigure Device – modify user settings and elevate privileges.
  • Traditional Threats – Backdoor Trojans, Downloaders, DDoS utility, Hacktool and Security Alerts.
  • Steal Information – steal device data, media files and any user credentials, e.g. a banking Trojan.
  • Track User – spy on users, track user location.

IoT is not immune

Any device attached to the Internet is an IoT device – smartwatches, routers, thermostats, network storage, web cameras and, in business, point-of-sale systems and even ATMs. The potential for cyberattacks against cars and medical equipment should be a concern. For example, 52% of health apps, many of which connect to wearable devices, did not have a privacy policy in place, and 20% sent personal information, logins, and passwords over the wire in clear text. 66% of users were willing to trade their privacy for a free app.

Opinion - The human element

The biggest weakness is not the hardware – that can be protected – but the human who uses it.

Malware requires human interaction – you have to say yes to install it.

Spear-phishing requires you to act on an email by clicking on a link and then installing malware.

Stolen credentials are due to loss of unsecured mobile devices or in some cases to coercion – money is paid to get access. They are also obtained by attackers posing as system administrators and tricking you into revealing logins and passwords – the old ‘Microsoft support’ phone call scam.

The more I spoke to Nick the more I realised that we don’t have an IT driver’s licence, we don’t teach security in schools or tertiary institutions and we are all too trusting. There is no such thing as a free iPad for answering a few questions, weight loss requires a balanced diet and exercise and let’s not get into the pharmaceutical, sex, inheritance, and other scams.

Attackers however are surveilling businesses, workers and their habits. The higher the stakes the easier it is to gather information that can be used to trick you. What if you got an email saying your best friend had died – click here for information? What if you click on a cute puppy picture and have to say “Yes” to view it? What if an SMS comes from a colleague with a link to click to get work instructions? These are all real ways to get malware.

Wise up, please. The more I research security the more I realise security breaches are preventable with common sense. Australians are famous for the ‘She’ll be right – can’t happen to me’ attitude – well, have I got a deal for you!

 


Ray Shaw


Ray Shaw (ray@im.com.au) has had a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT-based radio program on ABC radio for 10 years, has developed world-leading software for the events industry and is smart enough to no longer own a retail computer store!
