Cybercriminals infect networks to steal data undetected: report

23 Apr 2012

1

The Websense 2012 Threat Report released today by Websense Security Labs reveals that epidemic levels of data theft are beeing powered by extremely effective social media lures; evasive and hard-to-detect infiltration of malware; and sophisticated exfiltration of confidential data.

''Traditional defenses just aren't working any more," says Charles Renert, vice president of research and development for Websense.

The problem is worse for organisations, which need real-time defences with multiple detection points that analyse both the inbound content of each website and email as well as the outbound transmission of sensitive data.

According to Renert, Nearly all data-stealing attacks today involve the web and / or e-mail. And, many increasingly use social engineering to take advantage of the human element as the weakest link. Since the current generation of attackers use multiple data points and threat vectors to target their victims, only a solution that understands the entire threat lifecycle and combines data from each phase can protect against them.''

Highlights of threats:
- 82 per cent of malicious websites are hosted on compromised hosts. If compromised hosts are the norm, cloud and hosting services cannot be trusted. This threatens to put a damper on our economy, which is tapping the cloud as a backbone for commerce, communications, and culture.

- 55 per cent of data-stealing malware communications are web-based.

-  43 per cent of Facebook activity is streaming media, including viral videos. That's more than five times the next largest category of news and media within Facebook. The streaming media percentage is important because web lures (like videos, fake gift offers, surveys, and scams) prey on human curiosity and have moved onto the social network.
Websense has partnered with Facebook to scan all clicked Facebook web links so that Websense researchers have unprecedented visibility into the social network's content.

- 50 per cent of malware redirects lead to the United States followed by Canada.

-  60 per cent of phishing attacks are hosted in the United States trailed by Canada. The United States is also the top host of malware (36 per cent), followed by Russia.

-  74 per cent of email is spam, down from the previous year's 84 per cent. This indicates that efforts to take down spam botnets are showing results. However, while overall spam is down, 92 per cent of email spam contains a URL, illustrating the increasingly blended nature of today's email threats.

The top five email malware lures are: order notifications, ticket confirmations, delivery notices, test emails, and tax refund information. Spear phishing also continues to increase as a delivery vehicle for targeted attacks.

Business History Videos

History of hovercraft Part 3...

Today I shall talk a bit more about the military plans for ...

By Kiron Kasbekar | Presenter: Kiron Kasbekar

History of hovercraft Part 2...

In this episode of our history of hovercraft, we shall exam...

By Kiron Kasbekar | Presenter: Kiron Kasbekar

History of Hovercraft Part 1...

If you’ve been a James Bond movie fan, you may recall seein...

By Kiron Kasbekar | Presenter: Kiron Kasbekar

History of Trams in India | ...

The video I am presenting to you is based on a script writt...

By Aniket Gupta | Presenter: Sheetal Gaikwad

view more