Targeted attacks plague cyber landscape

Posted by Aharon Etengoff

Targeted attacks are currently plaguing the cyber landscape, with an increasing number exploiting zero-day vulnerabilities to breach digital perimeters.

During 2010, cyber criminals launched a slew of targeted attacks against a diverse collection of publicly traded, multinational corporations, government agencies and smaller companies.

According to recently published Symantec report, the attackers frequently researched "key" victims within each corporation and subsequently deployed tailored social engineering attacks to gain network entry.

Targeted attacks plague cyber landscape

Although the high-profile targeted attacks of 2010 (Stuxnet and Hydraq) attempted to steal intellectual property or cause physical damage, many such attacks targeted individuals for specific personal information. 



To be sure, data breaches resulted in an average of more than 260,000 identities exposed per incident in 2010, nearly quadruple that of any other cause.

Mobile

Meanwhile, major mobile platforms remained vulnerable to malware attacks in the form of Trojan Horses.

While cyber criminals generated some malware from scratch, in many cases, they infected users by simply inserting malicious logic into existing apps which were subsequently distributed via public app stores.

Unsurprisingly, cyber criminals are routinely capable of bypassing mobile security by attacking inherent vulnerabilities in platform implementations.

At least 163 vulnerabilities were identified in 2010 that could be used by attackers to gain partial or complete control over devices running popular mobile platforms. 



Social Networking Vulnerabilities

The report also labeled social networks a "fertile ground" for cyber criminals, who continue to swamp such sites with a large volume of malware via the use of shortened URLs. 

In addition, attackers "overwhelmingly" exploited news-feed capabilities provided by popular social networking sites to mass-distribute attacks by hijacking social networking accounts.

In 2010, approximately 65 percent of malicious links in news feeds used shortened URLs. 73 percent were clicked 11 times or more, with 33 percent receiving between 11 and 50 clicks.



Attack toolkits target Java

As expected, an increasing number of attack toolkits were coded to target Java vulnerabilities. The Phoenix toolkit - which incorporates exploits against Java vulnerabilities - was responsible for the most Web-based attack activity in 2010.

Interestingly, the number of measured Web-based attacks per day jumped by a staggering 93 percent in 2010 compared to 2009, with such kits "likely" responsible for a significant amount of the recorded increase.