80 Pct Of Malware Attacks In 2012 Were Redirects From Legitimate Sites: Sophos Report

SINGAPORE, Dec 5 (Bernama) -- Sophos, an IT security and data protection firm, on Wednesday released its Security Threat Report 2013, a detailed and interactive assessment of what’s happened in IT security for 2012. It include what to expect for 2013 – from the ever-growing bring your own device (BYOD) movement to the increasing adoption of (and uncertainty around) the cloud to countless other security challenges faced by organisations of all sizes. According to the report, 2012 was a year of new platforms and modern malware—what was once a homogeneous world of Windows systems, is now a landscape made up of diverse platforms. Modern malware is taking advantage of these trends, creating new challenges for IT security professionals. The increasing mobility of data in corporate environments has forced IT staff to become even more agile. The year 2012 was also a retro year driven by resurgence in traditional malware attacks, specifically malware distributed via the web. For example, more than 80 percent of attacks were redirects, the majority of which were from legitimate websites that were hacked. According to the report unprotected computers are vulnerable to different kinds of malware attack. Exposure to the majority, but not all, comes from simply clicking on links in emails or browsing web pages that happen to be carrying malicious code. Although some websites are created with the intention of infecting visitors, legitimate websites continue to be a popular target for cybercriminals, as once they are compromised, they will infect completely unsuspecting internet users. Based on analysed traffic, SophosLabs, Sophos’ global network of threat intelligence centers, has ranked the riskiest and safest countries for experiencing a malware attack. The five riskiest countries are Hong Kong with 23.54 per cent threat exposure rate (TER), Taiwan 21.26 per cent, UAE 20.78 per cent, Mexico 19.81 per cent and India, whilst top five safest are India 17.44 per cent, Norway 1.81 per cent, Sweden 2.59 per cent, Japan 2.63 per cent, UK 3.51 per cent and Switzerland 3.81 per cent. Looking ahead, the report said, while a large proportion of cybercrime continues to be opportunistic, Sophos believes that, in 2013, increased availability of malware testing platforms — some even providing criminals with money back guarantees – will make it more likely for malware to slip through traditional business security systems. As a result, Sophos said: we can expect to see an increase in the number of incidents where attackers have gained and sustained surreptitious access to corporate networks. Additional trends expected in the year ahead include more basic web server mistakes, more “irreversible” malware, Attack toolkits with premium features A continued evolution in the maturation of exploit kits, including premium features such as built in scriptable web services, APIs, and malware quality assurance platforms that appear to make access to high quality malicious code even simpler. -- BERNAMA TNS TNS RT