Sunday, April 21, 2013

Symantec Tracks Growing Phishing and Watering Hole Attacks

Targeted cyber attacks, such as spear phishing, rose 42% in 2012 compared to a year earlier, according to Symantec's Internet Security Threat Report, Volume 18 (ISTR), released last week.

Over the past year, Symantec noted an increase in cyberespionage attacks targeted at the manufacturing sector as well as small businesses, which now constitute 31 percent of these attacks. This could be due to more sophisticated defenses in place at larger enterprises, or simply that the criminals have extended their reach to more organization.

Two significant attack vectors, according to the report, remain unpatched but legitimate websites (nearly 53% of legitimate websites were found to have unpatched vulnerabilities that hackers could potentially exploit to place malware) and mobile malware.

"This year’s ISTR shows that cybercriminals aren’t slowing down, and they continue to devise new ways to steal information from organizations of all sizes," said Stephen Trilling, chief technology officer, Symantec. "The sophistication of attacks coupled with today’s IT complexities, such as virtualization, mobility and cloud, require organizations to remain proactive and use ‘defense in depth’ security measures to stay ahead of attacks."

Some highlights of the report:

  • Watering hole attacks, where a legitimate website is poisoned and the hackers then wait for a victim to arrive, emerged as a rising threat in 2012. A large number of victims can be compromised in a short period of time.
  • Symantec estimates that 61% of websites serving malware are in fact legitimate website and unaware they have been compromised.
  • Global spam rates declined slightly in 2012.  Spam represented about 69% of all email sent in October 2012 compared to 79% in January 2011.
  • Symantec estimates that 1 in 414 emails is a phishing attack.
  • Symantec estimates that 1 in 283 emails is a malware attack.
  • Symantec found that Apple’s iOS had the most documented vulnerabilities in 2012, but that there was only one threat created for the platform. On the other hand, the Android OS only had 13 vulnerabilities reported, but led all mobile operating systems in the amount of malware written for the platform.