Latest news
80% of attacks are redirects from legitimate sites
Posted on 05 December 2012.
Sophos released its Security Threat Report 2013, a detailed and interactive assessment of what’s happened in IT security for 2012 and what’s expected for 2013.
2012 was a year of new platforms and modern malware—what was once a homogeneous world of Windows systems, is now a landscape made up of diverse platforms. Modern malware is taking advantage of these trends, creating new challenges for IT security professionals.
The increasing mobility of data in corporate environments has forced IT staff to become even more agile. 2012 was also a retro year driven by resurgence in traditional malware attacks, specifically malware distributed via the web. For example, more than 80 percent of attacks were redirects, the majority of which were from legitimate websites that were hacked.
Unprotected computers are vulnerable to different kinds of malware attack. Exposure to the majority, but not all, comes from simply clicking on links in emails or browsing web pages that happen to be carrying malicious code.
Although some websites are created with the intention of infecting visitors, legitimate websites continue to be a popular target for cybercriminals, as once they are compromised, they will infect completely unsuspecting internet users.
While a large proportion of cybercrime continues to be opportunistic, Sophos believes that, in 2013, increased availability of malware testing platforms — some even providing criminals with money back guarantees – will make it more likely for malware to slip through traditional business security systems. As a result, we can expect to see an increase in the number of incidents where attackers have gained and sustained surreptitious access to corporate networks.
Additional trends expected in the year ahead include:
More basic web server mistakes
Due to an uptick in credential-based extractions, IT professionals will need to pay equal attention to protecting both their computers as well as their web server environment.
More “irreversible” malware
More attacks will place a greater focus on the need for behavioral protection mechanisms as well as system hardening and backup/restore procedures.
Attack toolkits with premium features
A continued evolution in the maturation of exploit kits, including premium features such as built in scriptable web services, APIs, and malware quality assurance platforms that appear to make access to high quality malicious code even simpler.
Better exploit mitigation
Enhanced exploit mitigation will not mean the end of exploits, instead, the market will see a decrease in vulnerability exploits offset by a sharp rise in social engineering attacks across a wide array of platforms.
Integration, privacy and security challenges
With GPS and near field communication (NFC) becoming more integrated into mobile platforms, expect to see a convergence in our digital and physical lives. This trend is identifiable not just for mobile devices, but for computing in general. In the coming year, watch for new examples of attacks built on these technologies.
“Two of the defining terms of 2012 are ‘empower’ and ‘evolve.’ Attacks and threats—on PCs, Macs and mobile devices—continue to evolve as does the technology to combat them,” said Gerhard Eschelbeck, CTO, Sophos. “As users demand more and better ways to do their jobs, IT continues to evolve, bringing forth a new set of operating systems and other advancements, replete with different security models and attack vectors, making it crucial for security technology to evolve, ensuring that end users are protected and empowered—no matter what platform, device, or operating system they choose.”
The complete report is available here.
2012 was a year of new platforms and modern malware—what was once a homogeneous world of Windows systems, is now a landscape made up of diverse platforms. Modern malware is taking advantage of these trends, creating new challenges for IT security professionals.
The increasing mobility of data in corporate environments has forced IT staff to become even more agile. 2012 was also a retro year driven by resurgence in traditional malware attacks, specifically malware distributed via the web. For example, more than 80 percent of attacks were redirects, the majority of which were from legitimate websites that were hacked.
Unprotected computers are vulnerable to different kinds of malware attack. Exposure to the majority, but not all, comes from simply clicking on links in emails or browsing web pages that happen to be carrying malicious code.
Although some websites are created with the intention of infecting visitors, legitimate websites continue to be a popular target for cybercriminals, as once they are compromised, they will infect completely unsuspecting internet users.
While a large proportion of cybercrime continues to be opportunistic, Sophos believes that, in 2013, increased availability of malware testing platforms — some even providing criminals with money back guarantees – will make it more likely for malware to slip through traditional business security systems. As a result, we can expect to see an increase in the number of incidents where attackers have gained and sustained surreptitious access to corporate networks.
Additional trends expected in the year ahead include:
More basic web server mistakes
Due to an uptick in credential-based extractions, IT professionals will need to pay equal attention to protecting both their computers as well as their web server environment.
More “irreversible” malware
More attacks will place a greater focus on the need for behavioral protection mechanisms as well as system hardening and backup/restore procedures.
Attack toolkits with premium features
A continued evolution in the maturation of exploit kits, including premium features such as built in scriptable web services, APIs, and malware quality assurance platforms that appear to make access to high quality malicious code even simpler.
Better exploit mitigation
Enhanced exploit mitigation will not mean the end of exploits, instead, the market will see a decrease in vulnerability exploits offset by a sharp rise in social engineering attacks across a wide array of platforms.
Integration, privacy and security challenges
With GPS and near field communication (NFC) becoming more integrated into mobile platforms, expect to see a convergence in our digital and physical lives. This trend is identifiable not just for mobile devices, but for computing in general. In the coming year, watch for new examples of attacks built on these technologies.
“Two of the defining terms of 2012 are ‘empower’ and ‘evolve.’ Attacks and threats—on PCs, Macs and mobile devices—continue to evolve as does the technology to combat them,” said Gerhard Eschelbeck, CTO, Sophos. “As users demand more and better ways to do their jobs, IT continues to evolve, bringing forth a new set of operating systems and other advancements, replete with different security models and attack vectors, making it crucial for security technology to evolve, ensuring that end users are protected and empowered—no matter what platform, device, or operating system they choose.”
The complete report is available here.
Spotlight
IT security jobs: What's in demand and how to meet it
Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.
Is Microsoft is reading your Skype communications?
Posted on 15 May 2013. | The question of whether Skype allows U.S. intelligence and law enforcement agencies to access the communications exchanged by its users has still not been adequately answered by Microsoft.
Internet Explorer best at blocking malware
Posted on 14 May 2013. | While Chrome’s malware download protection improved significantly, Internet Explorer 10 continues to outperform the other browsers with a block rate of 99.96%.
Researcher refuses to help Saudi telco to spy on people
Posted on 14 May 2013. | You would think that a Saudi Arabian telecom firm interested in monitoring its users' mobile communications would not be asking a well-known pro-privacy researcher for help, but you would be wrong.
Malicious browser extensions are hijacking Facebook accounts
Posted on 13 May 2013. | Facebook users - especially those in Brazil - are being targeted with malicious browser extensions trying to hijack Facebook profiles, warns Microsoft.
Daily digest
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
Weekly newsletter
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
