A recent report by Symantec Internet Security Threat Report (ISTR) indicate a potential increase in the threat of attacks on mobile devices. This encouraged more widespread platform users of mobile devices that attract the attention of attackers.
This report comes from data gathered by the tens of millions of Internet censorship, direct research, and monitoring of active communication hackers. The aim is to provide global insights on the condition of Internet security. Left ISTR Volume 16 research was initiated from January 2010 until December 2010.
"We can not deny that our lives are surrounded by activities that use information technology. Gadgets such as cellphones, laptops, iPad, Galaxy Tab, or whatever it is, has become a thing that we must take it to everywhere. We can online where only, bersosialiasi in cyberspace at any time, "said Darric Hor, General Manager of Symantec for Indonesia and the Philippines, in a press conference Symantec Symposium 2011" Be Prepared To Take Control "at the Grand Hyatt Hotel, Jakarta, Wednesday (04/27/2011) .
Symantec reported, in 2010, most attacks of malicious programs (malware) on mobile devices is a Trojan horse program that masquerades as a legitimate application / genuine. Although the attacker makes some completely new malware, in many cases, they infect users by entering malicious logic into the existing native applications. The attacker then sends the application through the app store is infected with the public.
For example, makers of Trojan Pjapps recently using this approach. Although the new security architecture that is used in mobile devices are now as effective as existing desktop and server is attacked, the attacker can often pass this protection by attacking the vulnerabilities inherent in the implementation of these mobile platforms. Unfortunately, these deficiencies are common. Symantec documented 163 vulnerabilities for the year 2010 which can be used to control the attacker for part or all devices that use moving platforms known.
In the first few months of 2010 attackers exploit these weaknesses to infect hundreds of thousands of different devices. Based on these findings, it is not surprising that 47 percent of organizations / companies are not sure they can effectively control the risks caused by mobile devices. And, that more than 45 percent of the organization said the security problem is one of the biggest obstacles to launch more intelligent devices.
Targeted Attacks
The high activity also encourages the use skyrocketing information technology that increasingly sophisticated cyber threats. Thus, the main highlight in this report include a dramatic increase both in frequency and sophistication of attacks targeted at the enterprise environment, continued growth of social networking sites as a place to spread the attack, and attackers change tactics infection, which is increasingly targeting vulnerabilities in Java in order to break into traditional computer systems.
"The nature of the threat has been increasingly broad range of targeting individual account at a bank until the target information and physical infrastructure of a country," says Raymond Goh, Regional Technical Director of Systems Engineering, Symantec. "The scale of these attacks are very diverse, ranging from multinational companies listed on the stock and government agencies to small-scale firms and individual computer users." Raymond added.
Targeted attacks such as Hydraq and Stuxnet lead to increased threats in an enterprise environment in 2010. To increase the chances for successful entry into the enterprise without being detected, the more targeted attacks are zero-day exploit vulnerabilities to get into computer systems.
As one example, Stuxnet itself can exploit four different zero-day vulnerability to attack targets. In 2010, assailants launched the attack pointed to various multinational companies listed on stock exchanges and government agencies, as well as companies that rate is quite surprising.
In many cases, the attacker examines the main victims in each company and then using social engineering attacks (social engineering), adjusted for admission to the victim network. Because it is directed, many of these attacks were successful even when the organization / company who becomes the victim has had basic security procedures that have been applied.
Although the attack targeted a high level in 2010 trying to steal intellectual property or cause physical damage, many targeted attacks also targeted individuals to obtain their personal information.
For example, the report reveals that the data breach caused by hacking managed to steal an average of more than 260,000 identity for each violation in the year 2010, nearly four times the data theft caused by other factors.
The popularity of social networking is signifacantly increasing, and this popularity has also attracted large amounts of malware. One of the main attack techniques applied in social networking sites involves the use of a shortened URL. Under normal circumstances, the shortened URL is applied to efficiently send a link within the e-mail or on web pages to other web pages.
Last year, attackers have posted millions of short link this to social networking sites to trick the victim to phishing attacks and malware infections that increase the success rate drastically. This report reveals that the attacker is utilizing the perfomance of news-feeds provided by well-known social networking sites to send attack massively.
In this scenario, the attacker walked into a social networking account that was hijacked and post a short link that directs to a malicious website in the status of the victim. Social networking sites are then automatically send the link to a news feed of her friends so that it spread the link to hundreds or thousands of potential victims in minutes.
Based on Symantec's observation in 2010, 65 percent of the malicious links on the news feed using the short URL. Of these, 73 percent clicked 11 times or more and 33 percent have between 11 to 50 clicks.
In 2010, an attack toolkit, software programs that can be used both by beginners and experts who want to broadly facilitate the launch attacks on computer networks, it is widely used more. This kit is increasingly targeting the vulnerability in the Java system of the famous, which reached 17 percent of all vulnerabilities affecting browser plug-ins in 2010.
As a multi-platform technology is cross-browser, Java is an attractive target for attackers. Phoenix toolkit is responsible for most of the activities of attacks in 2010. This kit, as well as many other kits, have the ability to exploit the vulnerability of Java. Sixth Web-based attacks during the reporting period is also an attempt to exploit the Java technology.
The number of Web-based attack that measured per day is increased by 93 percent in 2010 compared with 2009. Because two-thirds of the overall activity of Web-based threats observed by Symantec is directly linked to the attack kit, a kit is probably responsible for most of this increase.
Tidak ada komentar:
Posting Komentar