With the onset of new cyber threats rising to more than 286 million last year, the landscape for cyber attacks is changing with smartphones and social networks firmly in the attackers’ sights.
Symantec has published new findings in its report, Internet Security Threat Report Volume 16, which point to a dramatic increase in both the frequency and sophistication of targeted attacks on businesses and individuals.
And it seems attackers are adopting new infection tactics, increasingly targeting weaknesses in Java to break into traditional computer systems, and focussing their efforts on mobile devices.
The new trends began last year, according to Symantec, with 2010 becoming the year of the targeted attack.
First criminals hit publicly traded, multinational corporations and government agencies, but they also targeted a surprising number of smaller companies, with many preying on individuals for personal informaiton.
More than 260,000 identities were exposed per breach in 2010, nearly quadruple that of any other cause, says the security firm.
And with the rise in popularity of social networking, these sites are proving to be fertile ground for criminals.
Last year attackers posted millions of shortened links on social networking sites to trick victims into both phishing and malware attacks, increasing the rate of successful infection, and getting into the news-feed capabilities of these sites to mass distribute attacks.
The infected links were spread to hundreds of thousands of victims within minutes.
65 percent of malicious links in news feeds observed by Symantec used shortened URLs. Of these 73 percent were clicked 11 times or more, with 33 percent receiving between 11 and 50 clicks.
Mobile platforms are also proving easy to infiltrate, with 42 percent more mobile vulnerabilities.
In a sign that cybercriminals are starting to focus their efforts on the mobile space, the number of reported new mobile operating system vulnerabilities increased, from 115 in 2009 to 163 in 2010.
Trojan horses are the biggest threat to mobiles, while some are infected by malicious logic seeded into legitimate applications.
These tainted apps are then distributed through public app stores.
Early last month, booby-trapped Apps from the official Android Marketplace were said to have been downloaded up to 200,000 times, and Google was forced to withdraw more than 50 virus-infected apps infected with malware.
According to findings from Mocana, which provides mobile and wireless network device security, it is no surprise that 47 percent of organisations do not believe they can adequately manage the risks introduced by mobile devices.
More than 45 percent of organisations say security concerns are one of the biggest obstacles to rolling out more smart devices.
“The major mobile platforms are finally becoming ubiquitous enough to garner the attention of attackers,” Symantec said. “Attackers are really following the consumers here.”