Security vendor M86 found a rise in the first half of 2011 in malware spread through embedded files, HTML attachments, blended threats URLs and social networking scams.
M86’s latest bi-annual security report found that while spam levels were on the decline, targeted, evasive malware was on the increase.
“Some of the larger botnets have been taken down in the first half of this year, so the amount of spam has been reduced significantly,” M86 APAC engineering director, Jason Pearce, said.
While spam levels have gone down, Pearce does not expect spam to go away completely; instead, he expects it to come back once new tools and botnets are created.
“Because these technologies are quite easy to build and new toolkits will be created to put together new botnets, spam will likely return,” Pearce said.
“But the fact that some of the major ones have been taken down has meant that there is quite a significant reduction in the amount of spam in the first half of the year.”
The report singles out malware and more aggressive phishing attacks as being on the rise.
“About 92 per cent of all attacks we see now occur from the web vector because it’s much easier to gain a larger audience through web based attacks than with email attacks,” Pearce said.
“What we saw in the back end of 2010 was over 84 per cent of legitimate web sites were used for malicious malware hosting, and now hackers are getting access to a much larger audience without the need to do the required social engineering because the web page itself is the social engineer that is attracting the user through its content.”
Pearce sees the growing volume of malware creating a lot of issues for Australian businesses whose technology is incapable of protecting against this new wave of threats.
“These types of attacks will continue and they will be more targeted towards specific industries and the government,” Pearce said.
“People want to get as much information out of these Web pages as they can to sell on the black market, so attacks on banks for credit card information and governments for sensitive information will continue throughout the rest of the year not only in Australia, but globally as well.”
For Australian businesses keen to protect themselves from malware, Pearce suggests educating users on what to look for and how to avoid clicking on suspicious-looking links, as well as looking at technology that detects malicious code through code analysis instead of relying on heuristic databases to make determinations.
“The problem that we have now with a lot of existing technologies in Australian businesses is that unless a customer is attacked, a vendor won’t be able to create a signature or a matching file for that particular attack because they won’t know that it occurred, so URL filtering as a prime protective mechanism against malicious code is not effective,” Pearce said.
“They need to look at technology that is based on code analysis and what the code of the webpage is trying to do, because that is the only real way that you can protect against this new wave of malicious code.”
Other findings in the report included social networks such as Facebook and Twitter becoming regular targets for scams, with users being coerced into divulging personal information via surveys.
Last year, M86 saw an uptick in the number of spam-related domains from Russian registrars.