Websense’s global research team, Security Labs, has released its 2013 Threat Report which indicates explosive year-on-year (YoY) growth in global cyber-attack trends.
The Threat Report is a YoY-based comparison of Web, email, data, mobile, and social media threats.
The report also indicates that Australia is fifth in the top 10 most targeted nations in Asia-Pacific (APAC). China takes top spot, followed by Taiwan, the Philippines, and the Republic of Korea. The rest of the 10 is comprised of (in order) Hong Kong, Russian Federation, Vietnam, Singapore, and Malaysia.
“YoY, the number of malicious Web-based attacks increased by nearly 600 per cent,” Websense Security Labs vice-president, Charles Renert, said. “These attacks were staged predominantly on legitimate sites and challenge traditional approaches to security and trust.”
“The timed, targeted nature of these advanced threats indicates a new breed of sophisticated attacker who is intent on compromising increasingly higher-yield targets. Only real-time security techniques, that inspect the entire lifecycle of a threat, can withstand the assault and prevent data theft.”
Additional findings in the Threat Report include:
- Organisations faced an average of 1719 attacks for every 1000 users per week.
- Legitimate Web hosts were home to 85 per cent of malicious sites.
- Half of Web-connected malware downloaded additional executable content in the first 60 seconds.
- Only 7.7 per cent of malware interacted with the system registry, avoiding many behavioural detection systems and antivirus solutions.
- 32 per cent of malicious links in social media used shortened URLs.
- The USA, Russia, and Germany were the top three countries hosting malware.
- China, USA, and Russia were the top three countries hosting command and control servers.
- Only one in five emails were legitimate and email spam increased 76 per cent. Worldwide spam volumes hit over 250,000 emails per hour.
- One in 10 malicious mobile applications asked for permission to install other apps, something rarely required by legitimate apps.