Symantec finds targeted cyber attacks skyrocket 93% in 2010
Antivirus software maker Symantec said Tuesday that attacks increased some 93 percent from 2009 to 2010, with a staggering 286 million new threats reported last year alone. An increase in the number of attacks on enterprise systems was noted, as well as the use of social networks as an attack vector.
The firm also noted that there was an increase in attacks using vulnerabilities within the Java framework, as well as the beginning of a shift towards exploits aimed at mobile devices. While many of these attacks come in the form of malicious apps aimed at stealing personal information, Symantec said attackers were beginning to find and exploit security vulnerabilities.
In attacks on the enterprise, hackers are making more use of zero-day flaws to gain access to systems. For example, the Stuxnet worm used four separate zero-day vulnerabilities to propagate itself.
Social networks have become one of the most popular ways to spread malware, and the rise of shortened URLs have played a large part in these attack's success. Because this URL gives no clue as to its contents, attackers were able to trick many more users than ever before into clicking these links, further enabling the spread of infection.
The company said its own research showed that as much as 65 percent of the malicious links in social networking news feeds used shortened URLs, with 73 percent of them clicked by users at least 11 times.
About 163 separate vulnerabilities were found in 2010 by Symantec that could result in partial or full loss of control of a user's mobile device, and the company found that several of these flaws were already being used by hackers in 2011. While as said before malicious apps have become a problem, attackers are also finding ways to inject code into legitimate applications.