Top Cyber Threats: Security Research Roundup: Page 5
Find out what the latest research reveals about the current state of malware, phishing, and other attacks.
MOBILE ATTACK FUNCTIONALITY:
According to Symantec's Internet Security Threat Report, Volume 17 [PDF file], three factors are required for a major increase in mobile malware to occur: a widespread platform, readily accessible development tools, and sufficient attacker motivation. The first of those factors was recently fulfilled with Android's rapid growth in popularity. Symantec reports that more than half of all Android threats collect device data or track user activities, and almost a quarter of the mobile threats identified in 2011 were designed to send content. A popular way for mobile malware writers to make money is by sending premium SMS messages from infected devices, a technique that was used by 18 percent of all mobile threats identified in 2011. Still, mobile malware does much more than just send SMS – several attacks have been identified that track a victim's location via GPS and steal personal information from the victim's device.
THE RUSSIAN CYBERCRIME MARKET:
Russian cybercrime investigation and computer forensics firm Group-IB recently released a report entitled State and Trends of the Russian Digital Crime Market 2011 [PDF file], which estimates the financial performance of the entire global cybercrime market in 2011 at $12.5 billion, and the Russian share of that market at $2.3 billion. Russian-speaking cybercriminals, both in and outside of Russia itself, hold more than a third of the global cybercrime market, with estimated earnings of $4.5 billion. Key areas of growth, Group-IB reports, include online banking fraud and DDoS attacks. "The number of DDoS attacks in 2011 has grown as compared to previous periods," the report states. "The main targets were usually online stores and other representatives of the online business sphere. It should be noted, however, that the average strength of attacks in 2011, as compared to 2010, has weakened, with botnets typically numbering no more than 10,000 nodes used for attacking."
FEAR OF A CYBER ATTACK:
According to the 2012 Bit9 Cyber Security Research Report, a survey of 1,861 IT and security professionals worldwide found that almost two thirds of those surveyed expect their companies to be targeted by a cyber attack in the next six months. Those who work at larger organizations with more than 500 employees are much more concerned that those who work at smaller companies. And while most than half of the respondents in every market segment anticipate an attack, almost three quarters of government security professionals do so. The majority of respondents blame those fears on an increase in the number of hackers, rather than media hype or any perceived security weaknesses.
Jeff Goldman is a freelance journalist based in Los Angeles. He can be reached at firstname.lastname@example.org.