Porn Search Terms Account for 49% of Malicious Site Visits

CYBERSPACE—According to Symantec’s annual Internet Security Threat Report for 2010, released Tuesday, the online world is an increasingly dangerous place in terms of the number, type and sophistication of threats facing individuals, companies and networks. With online threats proliferating in almost every sector, people looking for adult entertainment by way of search engines face a rising threat, with adult-related search terms accounting for 49 percent of all results leading to visits to malicious websites.

Attempting to explain why porn searches are so problematic, the report said the attacks play on base emotions and that the prominence of these particular search terms should not be a surprise considering the popularity of online porn. It provided the following data points to support the contention:

* According to one estimate, 12 percent of all websites are pornographic and over 28,000 people are viewing these sites every second.

* One reason why attackers target adult websites is that many of these sites act as web portals that aggregate the content of numerous other sites without any direct association with them. Given this, visitors to such portals may be more accepting of content from unknown or unfamiliar sources.

* Another reason may be due to the widespread use of multimedia on these sites. Many adult sites use leading browser multimedia applications, which visitors would require in order to view content. (It should be noted that many of the search terms that Symantec categorized in adult entertainment are primarily adult video streaming websites and, thus, were not included in the video streaming category to negate duplicated results.)

Sex/dating spam also was on the increase in 2010. "This type of spam became much more common in 2010," the report stated. "These were either mails containing sexual images or URLs that linked to adult or dating websites. In September 2009, sex/dating spam accounted for less than 1 percent of the total. One year later, it had increased to account for over 5 percent of all spam, most of which was being sent from the Cutwail and Mega-D botnets."

More generally, the overall numbers found in the report are truly staggering, and paint a picture of an online world continually under assault by criminal elements determined to steal identities or credit card information, commit denial of service attacks or sow other sorts of mayhem. As in 2009, when it also ranked first, the United States had the most overall malicious activity, with 19 percent of the total—down slightly from 20 percent the previous year.

Social networking sites in particular became an increasingly popular environment for malicious activity last year. According to Ars Technica, in an article about the Symantec report, social networking sites are a large and tempting target due to their extreme popularity and their almost inviting susceptibility to social engineering.

"In mass, untargeted attacks," it reported, "the social networking sites give malicious links a veneer of integrity—if a friend of yours posts a link it's surely going to be safe, right? For spear-phishing and other targeted attacks, the social networks give valuable insight into individual habits and interests, not to mention the ability for hackers to strike up friendships with their would-be victims and to gain their trust that way."

The report also indicated an increase in problematic activity utilizing URL shortening services such as bit.ly. “Hackers have been quick to exploit the way these mask the destination URL,” noted Ars Technica, “making it much harder to know if a link is malicious until you actually click on it. Two-thirds of attacks used on social networking sites used such masked, shortened URLs.”

Smartphones also were increasingly targeted, especially those using the Android platform, which is apparently seen as ripe for exploitation by the bad guys. Last month alone, 50 malicious programs were pulled from the Android Market, and vulnerabilities on mobile platforms in general were up 41 percent in 2010.

Data breaches were again of significant concern, with breaches in the financial sector accounting for 235,000 identities per breach. A total of 457 data breaches were recorded in 2010, with 61,000 identities on average exposed per breach.

Of perhaps greater concern for security professionals, targeted attacks were up, as were attacks taking advantage of zero-day vulnerabilities. “Three different Internet Explorer zero-days were used in three separate targeted attacks, and Stuxnet used four Windows zero-days,” reported Ars Technica, which noted that social engineering was also instrumental in those attacks.

The ability of attackers to exploit these vulnerabilities means that patches are by definition of no help when the attack is launched pre-patch. It’s a cat-and-mouse game with most computer and internet users unable to do anything but update their security software as frequently as possible, and hope for the best.

Other malicious activity trends included:

* The average daily volume of web-based attacks observed in 2010 was 93 percent higher than in 2009.

* The financial sector was the top sector in 2010 for identities exposed in data breaches, with 23 percent—a decrease from 60 percent in 2009.

* The leading cause of data breaches that could lead to identity theft in 2010 was the theft or loss of a computer or other data-storage device, with 36 percent of the total; this is nearly unchanged from its 37 percent total in 2009.

* Hacking was the leading source of reported identities exposed in 2010 with 42 percent of the total—down from 60 percent in 2009.

* The most exposed type of data in deliberate breaches (hacking, insider breaches, or fraud) was customer-related information, accounting for 59 percent of the total. Customer data also accounted for 85 percent of identities exposed in deliberate breaches.

* Of malicious URLs observed on social networking sites during a three-month period in 2010, 66 percent made use of a URL shortening service; of these, 88 percent were clicked at least once.

* The United States had the most bot-infected computers in 2010, accounting for 14 percent of the total—an increase from 11 percent in 2009.

* In 2010, Symantec identified 40,103 distinct new bot command-and-control servers; of these, 10 percent were active on IRC channels and 60 percent on HTTP.

* The United States was the location for the most bot command-and-control servers, with 37 percent of the total.

* The United States was the country most targeted by denial-of-service attacks, with 65 percent of the total.

* The percentage of threats to confidential information that incorporate remote access capabilities increased to 92 percent in 2010 from 85 percent in 2009.

* In 2010, 79 percent of threats to confidential information exported user data and 76 percent had a keystroke-logging component; these are increases from 77 percent and 74 percent, respectively, in 2009.

* Credit cards were the most commonly advertised item for sale on underground servers known to Symantec, accounting for 22 percent of all goods and services advertised—an increase from 19 percent in 2009.
