THE CONSTANT UPWARD GRAPH OF MALWARE ATTACKS


In the recent spate in high-profile attacks, malware has been the tool of choice for hackers. 2011 seems to be a landmark year hackers with scam attacks, including the politically motivated online attacks on social networking sites like Twitter, Facebook, Android Market. These series of upsurge attacks are alarmingly the fact that nothing, rather no one is secure on internet. The World Wide Web continues to top malware infection wherein emails are a host to malicious attachments and links, while websites come in as a host to a wide variety of exploits and drive-by downloads targeting browsers and applications alike.

For online users, individuals or organizations, malware has always been a significant threat. A rapid rise is being witnessed that is more than capable of compromising, damaging or acquiring sensitive data which can either be personal or could lead to loss of intellectual property in the overall threat landscape. Statistics say that, rather than being hacked by using an exploit; IT users are more likely to be tricked into downloading malware. Hence, there is a continuous challenge in detecting and preventing such threats. Though, not all of these attacks are socially engineered, however, the technique is being used to evade security programs and is being applied to the web that increasingly triples the distribution of malware, of which 55% (Malware) is now delivered via Internet downloads, whereas only 14% is delivered through malicious emails. Which means that as there are more than a handful that don’t understand the complexity of web based threats, from a hacker’s perspective tricking users into installing malware is much preferred.

Also, the inappropriate use of SEO is on the rise. Attackers lure the users to the sites that contain the malware software and expose them to fake Anti-virus downloads, Trojans, worms and fake surveys. In addition to Search Engine Poisoning, the upturn in social networking sites makes them the prime focus of cyber criminals. As the information accessibility and services are interconnect and interdependent of each other, it opens more opportunities for more effective attacks on individuals and organisations.  The emerging Java threats due to Java plug-ins soon will be ruling the malware distribution. Also, URL Shortcut services and Location services contribute greatly in the business of malware distribution. URL Shortcut services will be witnessed.

Apart from creating new malware, Cyber-Criminals are effectively re-modifying the code of known deceased malware. A very good example would be that of the Ramnit Worm which has recently morphed into a financial malware. Moreover, there has also been an enormous increase in malicious programs accounting for at least 25% rise in fresh threats when compared to similar months in 2010. Trojans dominated the line of newly detected threats comprising of at least 70% of all newly created malicious software.

There was a whopping $114 Billion loss due to cyber crime itself cost the world last year. With over 2.9 million users falling as victims to cybercrimes, India alone stood at a loss of $7.6 Billion or Rs 36,200 crore out of which $4 Billion was the total financial loss while $3.6 Billion was the amount spent to resolve reported theft. Of the total amount reported a mere 21% of victims actually reported the crime to the police. Despite the efforts made by security vendors, only 16% had security software installed on their cell phone while 21% had on their PCs. Also, additional $274 billion was lost, based on the value victims placed on time lost due to their cyber crime experiences. More than two thirds of all adults who used the Internet more were victims of cyber crime. While most issues are more than preventable, over 54% of online users have experienced malware followed by 11% in online scams and 10% in phishing scams. In comparison to 2009 and 2010, there has been a decent increase in malware amounting to 19% in 2011.

There key reason for this increase in the cyber attacks is financial profit. Also, there been a whole automation in terms of the creation of malware due to the web attack toolkits that are growing at a rapid rate as the chosen weapon.

On the other hand, the way cyber crime is dealt by people online shown by the overall number of infected users itself signifies a defect. According to studies, in the last one year the overall number of users infected with regard to online cyber crime has tripled in comparison to offline crime. A major flaw is been noticed in the way users perceive online threats. There is a huge gap between awareness and the action that needs to be taken by IT users. Approximately, 80% of PC users are aware of cyber crime as a growing threat, however the necessary precautions are not being taken against it. At times, either the Security is outdated or the implementation of the necessary updates to protect users from complex threats id not up to the mark.

With respect to enterprises, cyber crime is increasing at an alarming rate with over $30 Billion being invested annually on corporate defences and cyber criminals are invariably being able to evade these conventional defences. In fact, even the most security conscious industries are vulnerable to online attacks such as HBGary, Epsilon, RSA and DigiNotar, Comodo– to name a few.

%d bloggers like this: