The evolution of IT threats in the first quarter of 2011
Kaspersky Lab’s experts identify a number of important trends following the results of its quarterly malware report
Abingdon, UK, 19 May 2011 – Cyber criminals have capitalised on the recent growth in popularity of the Android mobile platform. Based on the number of new mobile malware signatures detected during this period, Kaspersky Lab’s experts believe that the total volume of mobile malware in 2011 will be at least double that of 2010. That growth will be driven by the emergence of new methods of infecting users’ computers.
For instance, over 50 malicious Android OS applications were detected in Q1 that were written by cybercriminals and distributed via the Android Market. These malicious programs are re-packaged versions of legal software alongside malicious Trojan components. Kaspersky Lab’s experts predict that the number of embedded malicious programs distributed via online app stores will keep increasing in the future. Firstly, a developer’s account is cheap and secondly, checking the code of newly published applications is highly labour-intensive and difficult to automate.
The situation concerning mobile threats is further complicated by the fact that personal smartphones are increasingly used to store and send confidential corporate information. At the same time, company employees tend to underestimate the importance of protecting data stored on such devices. Furthermore, smartphones are likely to be widely adopted as ‘mobile wallets’ in the near future, reinforcing the importance of mobile security products.
The increasing number of attacks on different organisations was another significant trend in the first quarter of 2011. In addition to conventional DDoS attacks that block access to corporate servers for indeterminate periods of time, there were also many that focused on gaining unauthorised access to such servers in order to steal information. All the signs indicate that some professional cybercriminals have switched from mass home computer infections to hacking major corporations. This practice naturally involves more risk for the attackers; however, the stakes and the potential rewards associated with targeted attacks on corporations are higher and there are fewer competitors in this segment of the black market.
The first quarter also saw a wave of so-called protest attacks carried out by cybercriminals in order to damage company reputations rather than make a profit. A notable example of such an attack was the hacking incident targeting HBGary, an IT security company based in the US. Having gained access to confidential information belonging to the company, the hackers then made it public. These days, such a practice is exceptional; information is typically stolen by cybercriminals in order to sell it or to extort payment to prevent its publication.
At the end of Q1, a new variant of the dangerous GpCode ransomware appeared. This Trojan encrypts data on infected computers and then demands a ransom from the owner. Unlike its previous variants that deleted encrypted files, the new GpCode versions overwrite files with encrypted data, making them practically unrecoverable. Interestingly, the cybercriminals only attacked users in Europe and the former soviet republics, while the attack lasted for several hours only. Such cautiousness demonstrated by the writer of the Trojan indicates that the intention was not to cause a massive infection that would almost certainly draw the attention of law enforcement agencies. It is likely that future attacks of the encrypting Trojan will also be carefully targeted.
Yet another trend which directly impacts IT security is the growing popularity of social networks, blogs, torrents, YouTube and Twitter, which increasingly alters the digital landscape. These services facilitate the swift and simple exchange of data between users located in every corner of the world. Data published in users’ blogs is often deemed as being as credible as that from official media outlets. The popularity of such resources has already caught the attention of cybercriminals. In future, the number of attacks carried out on and via these services is only likely to increase.
- Symantec Report Finds Cyber Threats Skyrocket in Volume and Sophistication
- LinkedIn announces webcast of second quarter 2011 earnings conference call
- What is the value of your leaked data?
- Research In Motion Reports Year-End and Fourth Quarter Results for Fiscal 2011
- Symantec Announces April 2011 MessageLabs Intelligence
- HP Collaborates with Leading Researchers to Identify Security Threats at Pwn2Own Competition
- Symantec Introduces New Security Solutions to Counter Advanced Persistent Threats
- Eugene Kaspersky at CeBIT 2011: “Safeguarding Mobile Devices Now More Important Than Ever”
- Ciena Unveils New Carrier Ethernet Solutions to Drive 4G Mobile Evolution
- Worldwide Mobile Device Sales Grew 13.8 Percent in Second Quarter of 2010
Related posts brought to you by Yet Another Related Posts Plugin.