Daily Targeted Attacks Increase Fourfold
Symantec researchers found that the number of daily targeted attacks has increased almost fourfold compared with the beginning of the year. In the same report, Symantec identified the public sector as the most frequently targeted industry, with approximately 20.5 targeted attacks blocked each day.
Hacktivists highlighted how effectively they could embarrass corporations by using SQL injection and cross-site scripting to steal and publicize potentially sensitive data. Hacktivist collective Anonymous famously breached HBGary Federal's email servers and leaked personal emails belonging to CEO Aaron Barr and other executives.
"Thousands of different companies around the world were attacked in 2011, with no stone left unturned," said Sverdlove. However, very few enterprises disclose breaches publicly and, when forced to do so by legal and government regulations, they refuse to discuss the methods used in the attacks, according to Anup Ghosh, founder and CEO of Invincea. This makes it hard to share information or to get a proper view of existing threats. "The truth is we're all victims of cyber-exploits. It's time to remove the stigma and disclose what's going on if we are ever going to force change in the industry," Ghosh said.
Organized crime dominated cyber-exploits in 2011 as criminals figured out how much easier it is to steal money online. Law enforcement authorities were busy in 2011, breaking up cyber-criminal rings, including Operation Ghost Click, in which six individuals netted over $14 million, and shutting down botnet operations.
McAfee reported that more than 80,000 new variants of malware were generated each day in 2011, a 400 percent increase in the rate of malware production since 2007. Malware developers increasingly took advantage of vulnerabilities in Web browsers, as the number of Java-based browser exploits grew significantly. Invincea researchers also noticed an increase in threat-injection attacks against operating system services, Ghosh said.
These browser exploits evaded most antivirus and application whitelisting techniques as they never hit the disk drive, according to Ghosh.
Hacktivists also used distributed denial-of-service attacks as a form of protest. This included attacks on repressive governments in the Middle East and on companies that cut ties with the WikiLeaks sites that circulated stolen government and corporate documents. Along with the effectiveness of their attack methods, these hackers also showed how effectively they could organize using social media tools such as Twitter and Pastebin.