Cloud, social networking, expose firms to threats: SonicWALL
By Enterprise Innovation Editors | 2010-08-27
New technologies such as cloud computing and social networking continue to be exploited by cybercriminals in order to crack corporate data, network security and data protection solutions provider SonicWALL revealed in a recent study.
“For nearly 20 years, we have tracked cybercrime and reliably protected our customers against the latest threats,” said Boris Yanovsky, vice president of software engineering at SonicWALL. “Each day, SonicWALL helps corporations stop over 3 million malware attempts, 400 million intrusions, and 400 million SPAM e-mails. We watched cybercrime shift from simple scams, such as phishing exploits, spoofing of organizations, worms and viruses, to more sophisticated attacks shutting down network servers and cloud-based systems affecting both companies and individuals. Our research is part of an ongoing mission to dynamically adapt our products and services to enhance security for our customers.”
Mid-year review of 2010 security threats
Early in 2010, SonicWALL predicted that reputation management via social networking, the growth of borderless business as well as the use of virtualization and cloud-based computing would cause a surge in targeted security threats in 2010. Today’s GRID data findings support the accuracy of these predictions.
Highlighted security threats include:
• Intrusions, phishing and malware threats increased in 2010. Web-based SQL Injection, attacks through domain name system (DNS) protocol and attacks through hypertext transfer protocol (HTTP) were the top intrusion threats. False antivirus software and viruses (e.g. “Bredolab” and “Conficker”) continue to top the malware threat list. This malware wreaks havoc on users’ machines and causes for example, massive spam runs and identity-theft related attacks. Phishing, the manipulative practice of sending victims e-mails fraudulently posing as being from trusted institutions is frequently the spear point for intrusions and malware. From January 1, 2010 through June 30, 2010, the amount of malware instances detected has tripled from 60 million to approximately 180 million. Click here to view the complete list.
• Trust-based relationships that access social networking tools continue to infect corporate networks. In its 2010 predictions, SonicWALL noted that companies should implement stricter policies controlling reputation management and the usage of and access to social media. This year, hackers have steadily exploited social networking sites, such as Twitter, Facebook, Orkut, Google groups and others to initiate malware downloads and botnets that have led to identity, account and password theft. For example, SonicWALL found that private messages sent via Facebook supposedly containing links to a photo album actually led recipients to download malware. SonicWALL also found fake Twitter handles and e-mail message formats being used to generate massive spam attacks. Trust is inherent in social network participation, making it especially easy for hackers to exploit.
• Exploiting Cloud computing to crack the corporate data vault. SonicWALL predicted that virtualized and cloud-based solutions and ‘borderless’ business would open the door to new types of attack. At the time, it warned companies about implementing Web-based services and applications that store financial, employee, corporate and medical data to protect against potential intrusions that exploit weaknesses in Web page programming. SonicWALL’s GRID data indicates that these types of attacks have dramatically increased. Web-based attacks which accounted for 4% of all attacks in 2009 now account for 45% in 2010.
• Disguising as trusted institutions for spam and malware exploits grows in 2010. Online transactions are widely accepted, but the ease of online transactions gives consumers a false sense of security. More and more consumers receive emails asking them to visit bogus websites to complete their transactions. This scheme applies to a wide variety of web properties, from free online classified ads to well-known financial institutions. Consumers who enter personal data on the falsified Web pages risk having their identity stolen, their finances hijacked or their computers downloading unwanted and malicious software. A list of spoofed organizations is available here.
• Phishers capitalize on high profile news events. Phishers disguise as a humanitarian organization and use natural disasters like the Haitian earthquake to approach unsuspecting consumers, asking them for donations. Similarly, consumers can expect that phishers will use BP’s oil spill to deliver malware and spam attacks. They have not ignored the job shortage either. E-mails promising employment opportunities comprised nearly 10 percent of non-phishing fraud e-mail during the first half of 2010.
• Foreign government tax scams are expanding. These scams can include false tax institution audits, requests for payments or verification of the victim’s tax status, and direct the unsuspecting to an authentic-seeming site. Expanding their exploits beyond the U.S. government into the United Kingdom and beyond, phishers are now targeting India, Australia, China and Canada.
With the widespread adoption of the Mac platform and its Mac-based devices such as the iPhone and iPad, the continued development in the mobile market and the convergence of video and voice, SonicWALL suggests that companies should anticipate a new set of threats over the next 12 months.
“New malware attacks are likely to affect smartphones, VoIP and Mac, social media, Adobe’s Acrobat Reader .pdf. We also anticipate hacks will exploit bots developed by SpyEye. This new, Web-based crimeware toolkit simplifies stealing financial and sensitive personal information. With the sophistication of today’s attacks, companies need to anticipate that heuristics, algorithms and behavioral analysis will be needed to supplement the security signatures that corporations receive with proactive analysis,” said Boris Yanovsky.
SonicWALL also identified threats that are dissipating, like the Storm Worm. Despite fears that it might resurface, there was only one attack this year.