You can’t seem to outrun them. They are seem to strike when least expected. They are growing by the day and you wish they would stop. But no, they continue to haunt you and strike fear in you. And they continue to grow in numbers very rapidly.
Malware – known and unknown – are plaguing organizations and computer users across the globe.
A recent report from Checkpoint states that 106 unknown malware types hit an average organization every hour last year. It seems unreal, but true.
The proliferation of malware attacks has increased from 2.2 downloads per hour in 2013 to 48 times more in 2014. It’s not hard to guess what it will be like this year. Out of this, the report stated that 52 per cent of files infected with unknown malware were PDFs, while 3 per cent were Microsoft Office files. It looks like Adobe is the preferred vector for attacks.
In previous advisories, we have reported about bots or botnets (see Definition). Bots have been playing a prominent role in amplifying and accelerating the spread of malware. In 2014, 83 per cent of organizations studied were infected with bots while in 2013 it was only 73 per cent. These bots communicated with their C&C (control and command) servers every minute on average.
About half the bots were active for more than 4 weeks resulting in untold amounts of data exfiltration (see Definition). As such a large number of organizations analysed suffered data loss – up by 50 percent from 2013.
Insider threats and bring-your-own-device (BYOD) has also contributed to the success of malware infection, which is directly related to employees’ action. BYOD can be likened to ‘office-on-the-go’. You are basically connected 24 hours a day. However, this vector is a gateway to easier access to more organizational assets than any other intrusion point, which poses a challenge to organizations.
In fact the biggest challenge these organizations are facing with mobile security is securing corporate information, followed by managing personal devices storing both corporate and personal data.
As the President of Checkpoint says, “Today’s cyber-criminals are sophisticated and ruthless: They prey on the weaknesses in a network, approaching any security layer as an open invitation to try to hack it. In order to protect themselves against attacks, security professionals and organizations alike must understand the nature of the latest exploits and how their networks are potentially impacted. Only by arming themselves with a combination of knowledge and strong security solutions can they truly protect themselves against these evolving threats. By making that security a critical asset to your business, you can turn security into an enabler. And in doing so, you’re able to unlock innovation and foster an environment for high performance and productivity.”
Definition
- Bot / Botnet – a bot is a type of malware that allows an attacker to take control over an affected computer. It is usually part of a network of machines, known as a “botnet” (robot network).
- Data exfiltration – it is the unauthorized copying, transfer or retrieval of data from a computer or server by cybercriminals.
Source
- Info Security.
- Security Affairs (image, pg 1).
- Beta News (image, pg 2).
The Week That Was
1. Facebook Messenger no longer tracks your location by default. Last week it was reported that a chrome extension, Marauder’s Map, could track Facebook Messenger users. Now with the latest update being released soon, users have a control on whether they would like to be tracked or not.
2. 4 million current and former U.S. Officials private data compromised. Hackers broke into US government computer systems and stole records of millions of employees. It is believed to be carried out by hackers in China.
3. Syrian Electronic Army Hijacks US Army Website. The SEA claimed to have taken over the US Army’s official website. The Army had temporarily taken the site down and confirmed that the SEA had compromised the site and posted messages.
4. Cyber Attack against Kaspersky Lab Corporate Network. The company detected a cyber-intrusion affecting several internal systems. Investigations revealed that the attack was from one of the most skilled threat actors in the Advanced Persistent Threat (APT) world: Duqu.
5. Facebook UnfriendAlert Software Steals Your Account Password. Facebook users like finding out who visited their Facebook profile, who unfriended them, who saw their post, etc. With this in mind, cybercriminals have jumped on the bandwagon and developed a free app, UnfriendAlert, that notifies users when someone unfriends them, but at the same time collect users’ Facebook credentials.