600% Increase In Cyber Attacks: WebSense Releases Threat Report 2013

One thing I love more than writing is online threat reports - all the blood, sweat and tears combined with the satisfaction of discovery and elimination of the threat. Ahh! The moment you come to the realisation that there are smarter people in this world who can shoot you point-blank without ever being caught. Yes, brutality is the name, the name of the game!


WebSense has kept up to speed in this game and has a report to show for it: the 2013 Threat Report, an analysis of cyber threats. According to WebSense, cyber threats have increased over the years due to the use of ancient security protocols. Attackers are able to easily bypass these mechanisms and target mobile platforms and social media, the two most celebrated inventions of this century.

The Internet has been reported to be the 'attack vector and the primary support element of other attack trajectories'. Malicious websites have grown in number (almost 600%) and 85% of these are being hosted by legitimate but compromised providers.

The categories of sites that were mainly attacked were:

  • Information Technology
  • Business and Economy
  • Sex
  • Travel
  • Shopping

Probably because attackers wanted to cover all areas of the human psyche and, in general, life? No wonder the number of threats and attacks has increased.

- Social media was one of the most exploited channels due to its large audience. Most of the links consisted of malicious content, which was spread through the network. New features and interfaces also caused some confusion, leading to successful attacks on users.

- Mobile platforms were again easily attacked due to jailbreaking and the download and installation of malicious apps.

Legitimate apps were also a cause for concern; many proved less secure than expected. Consider a study by Philipps University and Leibniz University in Germany involving 13,500 free apps downloaded from Google Play. Researchers found that 8 percent of these apps were vulnerable to man-in-the-middle attacks, and approximately 40 percent enabled the researchers to capture credentials for American Express, Diners Club, PayPal, bank accounts, Facebook, Twitter, Google, Yahoo, Microsoft Live ID, Box, WordPress, remote control servers, arbitrary email accounts, and IBM Sametime, among others.

WebSense stated that malicious apps mainly require three permissions:
  • 82% of malicious apps send, receive, read or write SMS messages.
  • 12.5% of malicious apps require the RECEIVE_WAP_PUSH permission.
  • 10% of malicious apps asked for permission to install other apps.
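
The three permission groups above can be checked in a decoded app manifest. The sketch below is an added example, not code from the WebSense report: the group labels and sample manifest are constructed, and mapping "install other apps" to `INSTALL_PACKAGES` is an assumption.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Android permission names grouped by the three behaviours in the list above.
# Assumption: "install other apps" corresponds to INSTALL_PACKAGES.
RISK_GROUPS = {
    "sms": {"android.permission.SEND_SMS", "android.permission.RECEIVE_SMS",
            "android.permission.READ_SMS", "android.permission.WRITE_SMS"},
    "wap_push": {"android.permission.RECEIVE_WAP_PUSH"},
    "install_apps": {"android.permission.INSTALL_PACKAGES"},
}

# Constructed sample: a decoded (text) AndroidManifest.xml for a made-up app.
# Manifests inside an APK are binary XML and must be decoded first.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.flashlight">
    <uses-permission android:name="android.permission.CAMERA"/>
    <uses-permission android:name="android.permission.SEND_SMS"/>
    <uses-permission android:name="android.permission.READ_SMS"/>
    <uses-permission android:name="android.permission.RECEIVE_WAP_PUSH"/>
    <application android:label="Flashlight"/>
</manifest>
"""

def requested_permissions(manifest_xml):
    """Return the set of permission names a decoded manifest requests."""
    root = ET.fromstring(manifest_xml)
    names = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            name = node.get(ANDROID_NS + "name")
            if name:
                names.add(name.strip())
    return names

def audit(manifest_xml):
    """Map each risk group to the matching permissions the app requests."""
    requested = requested_permissions(manifest_xml)
    hits = {}
    for group, perms in RISK_GROUPS.items():
        found = sorted(requested & perms)
        if found:
            hits[group] = found
    return hits

if __name__ == "__main__":
    for group, perms in audit(SAMPLE_MANIFEST).items():
        print(f"{group}: {', '.join(perms)}")
```

A hit is a reason to review the app, not proof of malice: legitimate messaging apps request SMS permissions too.
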

- Email was another vector that came to WebSense's notice, as only 20% of the emails sent and received were legitimate; 80% were phishing and spam emails. It is very easy to fall prey to such attacks because these emails seem to be from "real people" but contain links to compromised websites or carry infected attachments.


The report also introduced the "time-delay" attack, "in which embedded web links are kept benign until after traditional email security defences are bypassed".

According to WebSense, the following categories of malicious web links are present in spam email:
  • Potentially Damaging Content: suspicious sites with little or no useful content.
  • Web and Email Spam: sites used in unsolicited commercial email.
  • Malicious Websites: sites containing malicious code.
  • Phishing and other Frauds: sites that counterfeit legitimate sites to elicit user information.
  • Malicious Embedded iFrame.

You can read the full report by WebSense, which clearly states:

“Solutions that focus solely on mobile, email, web or otherwise can no longer be trusted to defend against complex, multistage attacks that can move between attack vectors.”

Wise friends, we are no longer... ALONE!

Cheers!

About the Author:
This article has been written by Dr. Sindhia Javed Junejo. She is one of the core members of the RHA team.