Cybercriminals shifting to more deceptive tactics: Microsoft
By Digital News Asia May 19, 2014
- Deceptive downloads identified as top threat in 95% of 110 countries/regions surveyed
- Increase corresponds with 70% decline in vulnerabilities exploited in Microsoft products
CYBERCRIMINALS are increasingly turning to deceptive tactics for malicious purposes such as stealing people’s personal and financial information, according to Microsoft Corp, which recently released its Security Intelligence Report (SIR) Volume 16.
This is happening as attacks against software are becoming more difficult and expensive, the company said in a statement.
In the last quarter of 2013, the number of computers that had to be disinfected as a result of deceptive tactics more than tripled.
One of the most common tactics used was deceptive downloads. Such downloads were identified as a top threat in 95% of the 110 countries/regions examined in Microsoft’s data.
The top three deceptive threats in Malaysia during the fourth quarter of 2013 were Rotbrow, Brantall and Obfuscator:
- Rotbrow: This family of trojans installs browser add-ons that claim to protect you from other add-ons. These add-ons can make changes to your homepage and also install a program that claims to protect your computer from browser add-ons, but actually installs more browser add-ons and other malware. Rotbrow was encountered by 59 out of every 1,000 systems that run Microsoft’s real-time anti-malware products in the second half of 2013. It was the top threat family facing both enterprises and consumers in the fourth quarter.
- Brantall: Acts as an installer for various legitimate programs and, in some cases, installs itself as a service. It installs the advertised legitimate program along with additional bundled applications and other malicious software. Brantall was encountered by 36 out of every 1,000 systems that run Microsoft’s real-time anti-malware products in 2H13, and was the second most common threat family facing both enterprises and consumers in 4Q13.
- Obfuscator: A generic detection for threats that have been modified by malware obfuscation tools in an attempt to avoid detection by security software.
This increase in deceptive tactics corresponds with a 70% decline in the number of severe vulnerabilities exploited in Microsoft products between 2010 and 2013. This is a clear indication that newer products are providing better protection, Microsoft claimed.
Additionally, the increased adoption of several key security mitigations across the industry is making it more difficult and expensive for cybercriminals to develop software exploits.
“Keeping cybercriminals on the run requires a robust security strategy,” said Tim Rains, director, Trustworthy Computing, Microsoft.
“The safest houses don’t just have locked doors, they have well-lit entry points and advanced security systems. It’s the same with computer security – the more we layer our defences, the better we are at thwarting attacks,” he added.
Cybercriminals lure their victims with deceptive downloads by bundling malware with legitimate downloadable content such as software, music or videos found online.
While the threat of deceptive downloads is on the rise, their impact is often not seen right away. Infected machines often continue to function, and the only observable signs of the malicious download might be a slower computer or unexpected search results popping up in a browser.
Over time, fraudulent activity like click fraud generated from the infected computer can tarnish an individual’s online reputation.
While deceptive downloads were identified as one of the most prevalent tactics used worldwide, ransomware is another deceptive practice that continues to affect people and can be devastating for those victimised by it, Microsoft said.
Ransomware often pretends to be an official-looking warning from a well-known law enforcement agency. It accuses its victim of committing a computer-related crime and demands he or she pay a fine to regain control of the computer.
Ransomware is geographically concentrated, but for cybercriminals looking to make a quick profit, the data shows it is an increasingly alluring tactic. In fact, the top ransomware threat encountered globally increased by 45% between the first half and the second half of 2013, the company added.
In light of this new information on cyber-threats, Microsoft advises customers to take a few actions to help keep themselves protected, including using newer software whenever possible and keeping it up to date; only downloading from trusted sources; running antivirus; and backing up files.
Commenting on the findings in Microsoft’s SIR 16, CyberSecurity Malaysia (CSM) chief executive officer Dr Amirudin Abdul Wahab reminded Malaysians to develop, foster and maintain a culture of cybersecurity.
“As cybercriminals move towards more deceptive practices amidst a more ubiquitous use of computing among Malaysians, users have to become even more vigilant to safeguard their knowledge of cybersecurity best practices – whether it is in their homes or at school and work,” he said.
CSM is the national cyber-security specialist agency under the purview of the Ministry of Science, Technology, and Innovation.
Microsoft releases its SIR twice a year, using data from more than a billion systems worldwide and some of the busiest online services.
The report provides an in-depth analysis of the latest threat trends for 110 countries/regions worldwide and is designed to help inform people about the most prevalent global and regional threat trends so that they can better protect themselves and their organisations.