Social media, mobile devices fuel cyber threats

The emergence of social media and proliferation of mobile devices have provided new avenues for malwares and different forms of cyber attacks, a new report from an Internet security firm has found. The findings were contained in Symantec’s Internet Security Threat Report, Volume 16, which showed a massive threat volume of more than 286 million new threats last year, accompanied by several new megatrends in the threat landscape. The report highlighted dramatic increases in both the frequency and sophistication of targeted attacks on enterprises; the continued growth of social networking sites as an attack distribution platform; and a change in attackers’ infection tactics, increasingly targeting vulnerabilities in Java to break into traditional computer systems. In addition, the report explored how attackers are exhibiting a notable shift in focus toward mobile devices. “While many targeted attacks are directed at large enterprises and governmental organizations, they can also target SMBs and individuals. Similarly, senior executives are not the only employees being targeted," said Raymond Goh, Symantec’s regional technical director for systems engineering and customer advisory services for Asia South Region. “A single negligent user or unpatched computer is enough to give attackers a access into an organization from which to mount additional attacks on the enterprise from within." Commenting on the impact of social networks in the Philippines, Goh added, “Social networking sites provide companies with a mechanism to market themselves online, but can also have serious consequences. As the usage of social networks in the Philippines increases, consumers and businesses are advised to be extra cautious as malicious code that targets mobile devices and uses social networking sites to propagate is becoming a significant concern." Social network platforms continued to grow in popularity and this popularity has not surprisingly attracted a large volume of malware. One of the primary attack techniques used on social networking sites involved the use of shortened URLs. Under typical, legitimate, circumstances, these abbreviated URLs are used to efficiently share a link in an email or on a web page to an otherwise complicated web address. Last year, attackers posted millions of these shortened links on social networking sites to trick victims into both phishing and malware attacks, dramatically increasing the rate of successful infection. The report found that attackers overwhelmingly leveraged the news-feed capabilities provided by popular social networking sites to mass-distribute attacks. In a typical scenario, the attacker logs into a compromised social networking account and posts a shortened link to a malicious website in the victim’s status area. The social networking site then automatically distributes the link to news feeds of the victim’s friends, spreading the link to potentially hundreds or thousands of victims in minutes. In 2010, 65 percent of malicious links in news feeds observed by Symantec used shortened URLs. Of these, 73 percent were clicked 11 times or more, with 33 percent receiving between 11 and 50 clicks. In 2010, attack toolkits, software programs that can be used by novices and experts alike to facilitate the launch of widespread attacks on networked computers, continued to see widespread use. These kits increasingly target vulnerabilities in the popular Java system, which accounted for 17 percent of all vulnerabilities affecting browser plug-ins in 2010. As a popular cross-browser, multi-platform technology, Java is an appealing target for attackers. The Phoenix toolkit was responsible for the most Web-based attack activity in 2010. This kit, as well as many others, incorporates exploits against Java vulnerabilities. The sixth highest ranked Web-based attack during the reporting period was also an attempt to exploit Java technologies. The number of measured Web-based attacks per day increased by 93 percent in 2010 compared to 2009. Since two-thirds of all Web-based threat activity observed by Symantec is directly attributed to attack kits, these kits are likely responsible for a large part of this increase. The major mobile platforms are finally becoming ubiquitous enough to garner the attention of attackers, and as such, Symantec expects attacks on these platforms to increase. In 2010, most malware attacks against mobile devices took the form of Trojan Horse programs that pose as legitimate applications. While attackers generated some of this malware from scratch, in many cases, they infected users by inserting malicious logic into existing legitimate applications. The attacker then distributed these tainted applications via public app stores. For example, the authors of the recent Pjapps Trojan employed this approach. While the new security architectures employed in today’s mobile devices are at least as effective as their desktop and server predecessors, attackers can often bypass these protections by attacking inherent vulnerabilities in the mobile platforms’ implementations. Unfortunately, such flaws are relatively commonplace — Symantec documented 163 vulnerabilities during 2010 that could be used by attackers to gain partial or complete control over devices running popular mobile platforms. In the first few months of 2011 attackers have already leveraged these flaws to infect hundreds of thousands of unique devices. According to findings from Mocana, it is no surprise that 47 percent of organizations do not believe they can adequately manage the risks introduced by mobile devices. And, that more than 45 percent of organizations say security concerns are one of the biggest obstacles to rolling out more smart devices. — Newsbytes.ph