The Latest SonicWall News
Product and Solution Information, Press Releases, Announcements
| SonicWALL Releases Mid-Year Assessment of Top Cybercrime Threats for 2010 | |
| Posted: Fri Aug 06, 2010 03:58:00 PM | |
|
Top threats exploit the increased corporate use of cloud computing, social networking, and use of Macs and smart phones for remote access. - Aug. 6 SonicWALL, Inc., a leading provider of intelligent network security and data protection solutions, today released its mid-year summary of the top cybercrime trends for 2010. From July 1, 2009 to June 30, 2010, the company tracked computer threats worldwide using its Global Response Intelligence Defense (GRID) network. The GRID contains millions of SonicWALL anti-spam and e-mail security servers located worldwide, to proactively protect networks from intrusions and malware attacks. Based on GRID data, SonicWALL identified the current and future top security threats, including intrusions, malware, antivirus and e-mail security breaches that consumers and institutions face. "For nearly 20 years, we have tracked cybercrime and reliably protected our customers against the latest threats," said Boris Yanovsky, vice president of software engineering at SonicWALL. "Each day, SonicWALL helps corporations stop over 3 million malware attempts, 400 million intrusions, and 400 million SPAM e-mails. We watched cybercrime shift from simple scams, such as phishing exploits, spoofing of organizations, worms and viruses, to more sophisticated attacks shutting down network servers and cloud-based systems affecting both companies and individuals. Our research is part of an ongoing mission to dynamically adapt our products and services to enhance security for our customers." Mid-year review of 2010 security threats Early in 2010, SonicWALL predicted that reputation management via social networking, the growth of borderless business as well as the use of virtualization and cloud-based computing would cause a surge in targeted security threats in 2010. Today's GRID data findings support the accuracy of these predictions. Highlighted security threats include: * Intrusions, phishing and malware threats increased in 2010. Web-based SQL Injection, attacks through domain name system (DNS) protocol and attacks through hypertext transfer protocol (HTTP) were the top intrusion threats. False antivirus software and viruses (e.g. "Bredolab" and "Conficker") continue to top the malware threat list. This malware wreaks havoc on users' machines and causes for example, massive spam runs and identity-theft related attacks. Phishing, the manipulative practice of sending victims e-mails fraudulently posing as being from trusted institutions is frequently the spear point for intrusions and malware. From January 1, 2010 through June 30, 2010, the amount of malware instances detected has tripled from 60 million to approximately 180 million. Click here to view the complete list. * Trust-based relationships that access social networking tools continue to infect corporate networks. In its 2010 predictions, SonicWALL noted that companies should implement stricter policies controlling reputation management and the usage of and access to social media. This year, hackers have steadily exploited social networking sites, such as Twitter, Facebook, Orkut, Google groups and others to initiate malware downloads and botnets that have led to identity, account and password theft. For example, SonicWALL found that private messages sent via Facebook supposedly containing links to a photo album actually led recipients to download malware. SonicWALL also found fake Twitter handles and e-mail message formats being used to generate massive spam attacks. Trust is inherent in social network participation, making it especially easy for hackers to exploit. * Exploiting Cloud computing to crack the corporate data vault. SonicWALL predicted that virtualized and cloud-based solutions and 'borderless' business would open the door to new types of attack. At the time, it warned companies about implementing Web-based services and applications that store financial, employee, corporate and medical data to protect against potential intrusions that exploit weaknesses in Web page programming. SonicWALL's GRID data indicates that these types of attacks have dramatically increased. Web-based attacks which accounted for 4% of all attacks in 2009 now account for 45% in 2010. * Disguising as trusted institutions for spam and malware exploits grows in 2010. Online transactions are widely accepted, but the ease of online transactions gives consumers a false sense of security. More and more consumers receive emails asking them to visit bogus websites to complete their transactions. This scheme applies to a wide variety of web properties, from free online classified ads to well-known financial institutions. Consumers who enter personal data on the falsified Web pages risk having their identity stolen, their finances hijacked or their computers downloading unwanted and malicious software. A list of spoofed organizations is available here. * Phishers capitalize on high profile news events. Phishers disguise as a humanitarian organization and use natural disasters like the Haitian earthquake to approach unsuspecting consumers, asking them for donations. Similarly, consumers can expect that phishers will use BP's oil spill to deliver malware and spam attacks. They have not ignored the job shortage either. E-mails promising employment opportunities comprised nearly 10 percent of non-phishing fraud e-mail during the first half of 2010. * Foreign government tax scams are expanding. These scams can include false tax institution audits, requests for payments or verification of the victim's tax status, and direct the unsuspecting to an authentic-seeming site. Expanding their exploits beyond the U.S. government into the United Kingdom and beyond, phishers are now targeting India, Australia, China and Canada. With the widespread adoption of the Mac platform and its Mac-based devices such as the iPhone and iPad, the continued development in the mobile market and the convergence of video and voice, SonicWALL suggests that companies should anticipate a new set of threats over the next 12 months. |