80bil incidents of post-infection malware activity in 2013: Dell
By Digital News Asia March 18, 2014
- ‘Unprecedented growth … as cybercriminals steadily enhance speed and effectiveness’
- Browser-based attacks lead list; Java No 1 target, followed by IE and Adobe Flash Player
THE Dell SonicWALL Threat Research Team has released its annual threat report, which revealed trends in zero-day vulnerabilities and new cybercriminal tactics.
The annual report is based on data collected by the Dell SonicWALL Global Response Intelligent Defence (GRID) Network, a threat intelligence network with over one million sensors that monitors traffic for emerging threats around the globe, Dell said in a statement.
“Our threats researchers are unearthing unprecedented growth and threat patterns as cybercriminals steadily enhance speed and effectiveness,” said Patrick Sweeney, executive director of product management at Dell Security Products.
“Even tried-and-true crimeware has evolved in the last year, becoming much more rigorous and sophisticated.
“These and other forms of threats are causing more financial and data theft to enterprises than ever before, prompting organisations of all sizes to take action against the next surge of threats with re-architected IT and processes,” he added.
Key findings for calendar year 2013 include:
- Post-infection malware activity: At 78 billion hits globally, remotely accessed malware opens the door to risk that can cause significant damage before organisations are able to quarantine and remediate;
- There were 14 reported zero-day vulnerabilities in 2013: Browser-based attacks lead the list with Java being the No 1 targeted application, followed closely by Internet Explorer, and Adobe Flash Player. Other notable zero-days targeted Adobe Reader and the Windows operating system;
- Increase in threats using SSL encryption: Dell SonicWALL threat researchers witnessed a rise in bots relying on SSL-encrypted communication to Command and Control servers. This is designed to evade detection by disguising communication in an encrypted session;
- Death of BlackHole: 2013 also saw the end of the BlackHole exploit kit with the author’s arrest in October. As a result, the SonicWALL Threat Research Team expects 2014 to bring an increase of new exploit kits discovered in the wild; and
- Advent of sophisticated ransomware: For the first time, in 2013, SonicWALL threat researchers saw cybercriminals begin to deploy more robust ransomware that leverages asymmetric-key encryption to encrypt critical data on infected machines. They observed a new Cryptolocker Trojan that, unlike traditional Ransomware, leaves system access intact but encrypts various documents and executables found on the system.
As a result of this data, Dell’s IT security predictions for 2014 are:
- Hybrid malware on the rise: Sophisticated malware that infects both mobile and desktop systems is expected to increase. Android will still be the leading platform for mobile device and will continue to be the focus for many cybercriminal attacks.
- New targets on Windows: Windows XP – one of the top 15 affected products in 2013 – will continue to realise a surge of attacks as its support life cycle is ending in 2014. Organisations that do not migrate to a newer version of Windows and continue to use Windows XP are especially vulnerable without Microsoft support and patching. Researchers also expect to see exploits targeting Windows 7/8 to increase in 2014.
- Evolution of Bitcoin malware: As bitcoin gains in popularity and value, cybercriminals have once again set their target on obtaining the digital currency through malicious activities. In late 2013, SonicWALL researchers observed an increase in bitcoin-mining botnets, which were designed to hijack computing power to mine for bitcoins with zero hardware or energy expenses to the criminal operation.
The full 2013 Dell SonicWALL Security Threat Report 2013 can be downloaded here.
Warning, warning: 30 days to WinXP, Office 2003 expiry
Bitcoin-mining malware on the rise in APAC: Trend Micro
42% surge in targeted attacks, small businesses have bullseye painted on
Old malware still threaten in Malaysia, thanks to legacy systems and pirated OSes
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.