Attacks Continue from Compromised Sites

Tuesday, April 8, 2014 @ 05:04 PM gHale


Assaults continue to mount even from legitimate web sites as 85 percent of malicious links spotted in email or Web attacks last year pointed to legitimate websites hijacked by cybercriminals, a new report said.

Hackers mostly targeted business and economy, IT, shopping and travel websites, according to the Websense Security Labs 2014 Threat Report.

RELATED STORIES
DDoS Attacks: ‘A Common Pain Point’
Execs Not Sharing Breach Info
Security Pros Fret Attacks, not NSA
Talk to Me: Elevating Security Awareness

Malicious links and other malicious content ended up spotted in 3.3 percent of all spam messages.

As far as malicious redirects go, Websense said it stopped 1.8 billion of them in 2013. The average number of redirects per attack recorded by the company was four, but the maximum number of redirects in a single attack was 20.

When it comes to exploit kits, Websense said it protected its customers against around 67 million events involving exploit kits. After the arrest of Paunch, the author of the BlackHole exploit kit, cybercriminals started turning to other crimeware packs. Most of them adopted Magnitude and Neutrino.

In addition, 64 million events related to dropper files ended up detected and blocked by Websense’s solutions last year, the company said.

Based on the analysis of malicious executable files, experts have determined that 30 percent of them included custom encryption for C&C communication and data theft.

The report also highlights the fact ZeuS, initially developed to target financial organizations, has undergone a makeover. The malware is targeting organizations in the services, manufacturing, finance, government, communications, education, retail, healthcare, transportation and utilities markets.

“Cybercriminals continue to evolve their attack planning and execution to stay ahead of most existing security measures,” said Charles Renert, vice president of security research for Websense.

“While the determined, persistent attackers continue to have success in advanced, strategic attacks using Zero Day exploits and advanced malware, there has also been a boom in cybercriminal activity on a massive scale. Even these more ‘common’ forms of attack are easily slipping past organizations without real-time defenses,” Renert said.

Click here to register for the Websense Security Labs 2014 Threat Report.



Leave a Reply

You must be logged in to post a comment.