Networking

08:00 AM
Connect Directly
RSS
E-Mail
50%
50%

Sophisticated Targeting, Spike In Web Attacks Highlight Symantec Threat Report

Web-based attacks nearly doubled in 2010, and criminals are now making use of social networks and other information sources to launch targeted attacks against both enterprises and small and midsize businesses, according to the Symantec Internet Security Threat Report. Symantec reports a 93 percent increase in Web-based attacks, driven by the proliferation of attack toolkits that put sophisticated malicious software in the hands of a broad base of criminals.

Web-based attacks nearly doubled in 2010, and criminals are now making use of social networks and other information sources to launch targeted attacks against both enterprises and small and midsize businesses, according to the Symantec Internet Security Threat Report. Symantec reports a 93 percent increase in Web-based attacks, driven by the proliferation of attack toolkits that put sophisticated malicious software in the hands of a broad base of criminals.

The Phoenix toolkit played a role in 39 percent of all Web-based attacks, followed by NeoSploit and Nukesploit, each at 18 percent. At the same time, attackers are exploiting social networks to perform reconnaissance before cracking into businesses and tricking trusting employees into divulging information that gives them access to key systems and sensitive data.

Enterprise attacks may target executives or someone with access to source code or customer accounts. Small businesses may be compromised by tricking whomever has access to their bank accounts. "They're sort of two sides of the same coin," says Marc Fossi, executive editor of the report. "Targeted attacks use a lot of social engineering, doing all this reconnaissance, maybe gathering information from social networking sites and sending very directed emails.The other side of the coin, Web-based attacks, is completely indiscriminate, affecting anyone who visits a Web site that's been compromised."

Other targeted attacks, such as the high-profile Stuxnet and Hydraq (Aurora) attacks, make use of sophisticated malware that flies under the radar, leveraging zero-day vulnerabilities and rookits. In a number of cases, malware is designed to spread through portable storage devices, such as USB drives, a key to penetrating the "air-gapped" systems that Stuxnet penetrated. (This technique recalls the early days of "sneaker-net infection, when malware was spread via floppy disks.)

It's difficult to say if targeted attacks are on the rise overall, Fossi says, because by nature they are designed to remain hidden. Other reports have shown that breaches often go months without being detected. Stuxnet and Hydraq may have helped increase awareness about these kinds of attacks.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Cartoon
Slideshows
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Video
Twitter Feed