Cyber-Thieves Take a Lethal, Targeted Approach

By Samuel Greengard

Although the Internet has evolved into an indispensible medium for business and social interaction, it also has also landed squarely in the red zone in terms of security threats. A newly released Symantec brief, “Internet Security Threat Report 2013,” reports that threats are becoming increasingly targeted, sophisticated and lethal.

There is a “surge in targeted attacks—indicating an increase in cyber-espionage to gain access to confidential information and valuable intellectual property,” says Kevin Haley, director of Symantec Security Response at Symantec. “Businesses of all sizes are at risk.

“The top sector of targeted attacks shifted from governments to manufacturing, and executives are no longer the leading targets of choice. Knowledge workers and employees in sales were the main targets in 2012.”

In fact, 50 percent of mobile malware created in 2012 attempted to steal information or track people’s movements. Attackers are increasingly piecing together information—email addresses, job descriptions, professional interests, conferences attended, even personal hobbies and activities—in order to assemble a successful attack strategy. In some cases, thieves are collecting years of data from various files, along with contact information.

But the problems don’t stop there. Symantec found that 23 percent of email messages contain malware in the URL. The overall virus rate is one in 291 messages, while the overall email phishing rate is now one in 414 messages.

Unfortunately, the overall number of vulnerabilities has risen to 5,291, and mobile vulnerabilities have spiked to 415, up from 163 in 2010. In all, there has been a 42 percent increase in targeted attacks over the last year.

Haley says that ransomware and mobile threats have become mainstream concerns. However, attacks have steadily shifted from governments to manufacturing.

“Attacks have increased against manufacturing due to an uptick in attacks along the supply chain,” he explains. “Attackers are seeking intellectual property from contractors and subcontractors of big projects. Attackers find contractors and subcontractors easier to break into and in possession of the IP they seek.”

Another problem: In 2012, the number of Web-based attacks increased by 30 percent. Some of these threats originated from small businesses. “These compromised Websites are being used in targeted ‘watering hole’ attacks, where the weak security of one entity is leveraged to defeat the strong security of another,” Haley says.

How should business and IT executives approach this environment? It’s critical to recognize that executives are no longer the leading targets of choice, Haley says. In 2012, the most commonly targeted victims of these types of attacks were knowledge workers (27 percent) with access to intellectual property, as well as those in sales (24 percent).

“Businesses need to make sure they’re patching vulnerabilities,” he points out. “Sixty-one percent of malicious Websites are actually legitimate Websites that have been compromised and infected with malicious code.” Business, technology and shopping Websites were among the top five types of sites hosting infections in 2012.

Haley says that businesses should conclude that they are constantly in the crosshairs for cyber-criminals. “Regardless of size, all businesses need to take note of potential attacks,” he concludes.

“Web-based threats are no longer confined to email; they can infest social networking sites and even legitimate business Websites. And while new threats are being developed all the time, a significant portion of incidents still occur based on vulnerabilities that are weeks or months old.”