The top cyber threats of 2011, so far
Spear phishing and mobile malware, particularly for Android, are on the rise, McAfee says
Global spam volumes dropped in early 2011 to their lowest levels since 2007, from a peak of about 5 trillion messages a day worldwide in July 2010 to about 1.5 trillion a day in March, according to the most recent online Threats Report from McAfee.
But that drop gives end users and security officials little breathing room, said Dave Marcus, director of security research at McAfee Labs.
“Most of the stuff that ends up in the mailbox still is suspicious if not downright malicious,” said Marcus, one of the authors of the report. The ratio of spam to legitimate e-mail was about 3-to-1 at the end of the first quarter.
“It is easier to profile high-end corporations and prominent people than ever before” because of the amount of information available online, Marcus said. “That’s the downside of the Information Age. The attackers have a complete understanding of the environment” they are targeting.
Another downside to technology is the growth in malicious code for mobile devices, especially those running the Google Android operating system. The Symbian OS remains the No. 1 target for mobile malware because of its 75 percent share of the market, and Android remains in third place overall behind Java 2 Micro Edition. But Android became the second most-targeted OS in the first quarter, and its share is expected to continue growing.
“Malware threats to the mobile platform continue to evolve in sophistication and functionality at a pace that in many ways eclipses that of PC-based malware,” the report states.
“Mobile is going to be troublesome for quite some time,” Marcus said.
The market share of Android malware is growing quickly because of the rapid adoption of phones that use the OS and the distribution channel for third-party applications. Unlike the system for Apple iPhones, Android applications are not closely controlled and vetted.
“This is already being abused and is going to cause a lot more abuse in the future,” Marcus added.
Mobile malware for stealing bank account information is becoming more common, and mobile platforms will become increasingly attractive to criminals as more mission-critical activities are conducted on them,
The drop in spam volume in the first quarter was caused primarily by the takedown of much of the Rustock botnet command-and-control network by law enforcement and security providers. Despite that success, McAfee reported some growth in the decapitated botnet at the end of the quarter and predicted that it would rebuild in the coming months.
But volume is not everything. The threat of well-crafted spear phishing has been demonstrated by recent high-profile attacks that appear to have breached EMC’s RSA Security Division, Oak Ridge National Laboratory, Sony, Lockheed Martin, Google and others. Defeating those attacks with filters is challenging, if not impossible.
“You can craft an e-mail that will be able to get through every time,” Marcus said. “That negates technological know-how and security
The solution is to better educate and train end users, he said. Most users are aware of the problem, but training to recognize and properly respond to malicious e-mail is inadequate. “These are two completely different things,” Marcus said. “We can do one of them much better.”
One of the most effective responses to a suspicious e-mail message is to wait a beat — or three — before responding to it, read it critically and, if necessary, call someone to verify its legitimacy. That can be inconvenient for both parties, but “it’s a classic case of risk management,” Marcus said.