Symantec: Attacks Rose While Vulnerabilities Fell in 2011
Google's Android OS, due to its open nature, became a favored target of cyber-criminals, according to Symantec.
The number of malicious and Web attacks continued to grow rapidly in 2011, with mobile platforms like Googles Android operating system increasingly becoming key targets of cyber-criminals, according to security software vendor Symantec.
In their annual "Internet Security Threat Report," released April 30, Symantec officials pointed out that the rise in malicious attacksan 81 percent increase from 2010comes at the same time that the number of vulnerabilities fell by 20 percent.
In 2011, Symantec blocked more than 5.5 billion malicious attacks, and saw the number of unique malware variants jump to 403 million, company officials said. In addition, the number of Web attacks blocked per day increased 36 percent.
Symantecs findings are similar to what Hewlett-Packard reported in its 2011 "Top Cyber-Security Risks Report," announced April 19. In that report, HP officials said that the number of vulnerabilities in 2011 dropped 20 percent from 2010, but that the risks involved in those vulnerabilities is growing. HP also found that the number of cyber-attacks more than doubled in the second half of the year.
In their report, Symantec officials noted that targeted attacks, which had been associated primarily with attacks on larger organizations, are becoming more common among small and midsize businesses (SMBs). More than half of the targeted attackswhich use social engineering and customized malware to get unauthorized access to sensitive datawere aimed at businesses with fewer than 2,500 employees, with 18 percent targeting companies with fewer than 250 workers.
Theyre not just targeting executives with deep access to confidential information either, Kevin Haley, director of product management for Symantec Security Response, said in an April 30 post on the company blog. Fifty-eight percent of people who are being targeted are in positions such as public relations, human resources and salespositions that can provide cyber-criminals with corporate information and open the door to more attacks. Advanced persistent threats, stealthy attacks by well-funded and organized groups, are also on the rise.
The number of daily targeted attacks increased from 77 per day to 82 per day by the end of 2011, Symantec said.