New Update
SAN DIEGO, USA: Research released today by the Websense Security Labs in the Websense 2012 Threat Report
reveals the trifecta that is driving epidemic levels of data theft.
The report highlights that extremely effective social media is luring people and an jump in evasive and hard-to-detect infiltration of malware.
“Traditional defenses just aren’t working any more. Organizations need real-time defenses with multiple detection
points that deeply analyze both the inbound content of each website and email as well as the outbound transmission of
sensitive data,” said Charles Renert, vice president of research and development for Websense. “Nearly all
data-stealing attacks today involve the web and/or e-mail. And many increasingly use social engineering to take
advantage of the human element as the weakest link. Since the current generation of attackers use multiple data points
and threat vectors to target their victims, only a solution that understands the entire threat lifecycle and combines data
from each phase can protect against them.”
Below are key findings:
- 82 percent of malicious websites are hosted on compromised hosts. If compromised hosts are the norm, cloud
and hosting services can’t be trusted. This threatens to put a damper on our economy, which is tapping the cloud as a
backbone for commerce, communications, and culture.
- 55 percent of data-stealing malware communications are web-based.
- 43 percent of Facebook activity is streaming media, including viral videos. That’s more than five times the next
largest category of news and media within Facebook. The streaming media percentage is important because web
lures (like videos, fake gift offers, surveys, and scams) prey on human curiosity and have moved onto the social
network. Websense has partnered with Facebook to scan all clicked Facebook web links so that Websense
researchers have unprecedented visibility into the social network’s content.
- 50 percent of malware redirects lead to the United States followed by Canada.
- 60 percent of phishing attacks are hosted in the United States trailed by Canada. The United States is also the
top host of malware (36 percent), followed by Russia.
- 74 percent of email is spam, compared to the previous year of 84 percent. It’s clear that efforts to take down
spam botnets are showing results. However, while overall spam is down, 92 percent of email spam contains a URL,
illustrating the increasingly blended nature of today’s email threats. The top five email malware lures are: order
notifications, ticket confirmations, delivery notices, test emails, and tax refund information. Spear phishing also
continues to increase as a delivery vehicle for targeted attacks.
- Websense Labs has analyzed more than 200,000 Android apps and does see a noticeable quantity with
malicious intent or permissions. The number of users who will be exposed to a malicious mobile app is increasing
quickly.
- Advanced threats can be described in six stages: lures, redirects, exploit kits, dropper files, call-home
communications, and data theft. Each stage has unique characteristics that need specific real-time defenses.
Traditional defenses mainly focus on the fourth stage and known threats by looking at malware files, and in large part
that is why they are ineffective. Advanced threats use unique dropper files that go undetected by traditional defenses
for hours or days.