Web Attacks Skyrocketed 93% In 2010

  /     /     /  
Publicated : 22/11/2024   Category : security


Web Attacks Skyrocketed 93% In 2010


Symantec report finds that the daily threat volume, sophistication, and cost of security breaches have escalated since 2009.



(click image for larger view)
Slideshow: 10 Massive Security Breaches
The volume and sophistication of online attacks continues to increase. In fact, the daily volume of Web-based attacks increased by 93% from 2009 to 2010, while attack toolkits grew to account for two-thirds of all Web-based threats.
Thats according to the new Internet Security Threat Report
from Symantec
, released Tuesday.
Notably, the report found that Web-based attacks are hitting businesses
bottom lines
, due to the cost of data breaches. In particular, the report found that hacking results in an average of 262,767 identities exposed per data breach incident. Accounting for many fewer lost records are insiders (68,418), theft or loss (67,528), insecure policies (30,572), or fraud (6,353).
Which attack vectors were the most popular in 2010? According to the report, the Phoenix
toolkit
was the number-one technique used by Web-based attackers, and accounted for 39% of attacks that used the top 10 techniques observed by Symantec. The attack toolkits NeoSploit and Nukesploit, meanwhile, accounted for 18% each, followed by JavaScript buffer overflow attacks (8%), Adobe Reader attacks (8%), and non-kit-specific attacks against Java (3%).
Attacks continue to grow more sophisticated. From 2009 to 2010, found the report, the number of attacks that used executable files and Windows auto-run to circulate and launch increased by 74%. Meanwhile, attacks that took advantage of file-sharing protocols to spread increased by 47%, while remote attacks
exploiting vulnerabilities
jumped by 24%.
In recent years, applications and browsers have come under heavy fire. But 2010 appears to have been the year of the
vulnerable plug-in
. As the operating system and browser guys have gotten better about patching their software, the weakness now is often in the plug-ins that
sit inside
the browser, said Gerry Egan, a director with Symantec Security Response. Such plug-ins include Adobe Flash and Reader, which were
heavily targeted
and exploited in 2010.
Getting rid of infections grew more difficult. Once malware gets inside an organization, theres evidence that its more likely to use some type of rootkit technology to cloak itself, said Egan.
In 2010, attacks against social network users also grew. The most-seen attack technique was directing users to a website that hosts malicious code, so attackers can execute a drive-by download that exploits any known vulnerabilities on the users computer to infect it.
But despite the sophistication of the crimeware toolkits used to infect websites and launch such attacks, many
social networking attack techniques
were relatively simple. According to Symantec, during one three-month period, two-thirds of malicious links in news feeds... used shortened URLs, with the shortened URL simply redirecting users to an attack website. Interestingly, 73% of the links studied by Symantec were clicked at least 11 times, and 33% were clicked up to 50 times, proving that an inability to see where links resolve doesnt seem to deter many social networking users.

Last News

▸ Some DLP Products Vulnerable to Security Holes ◂
Discovered: 23/12/2024
Category: security

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Web Attacks Skyrocketed 93% In 2010