This Past Year Can Be Viewed as the Year of Android Malware

By Jeffrey Burt  |  Posted 2012-04-30

Symantec: Attacks Rose While Vulnerabilities Fell in 2011

The number of malicious and Web attacks continued to grow rapidly in 2011, with mobile platforms like Google€™s Android operating system increasingly becoming key targets of cyber-criminals, according to security software vendor Symantec.

In their annual "Internet Security Threat Report," released April 30, Symantec officials pointed out that the rise in malicious attacks€”an 81 percent increase from 2010€”comes at the same time that the number of vulnerabilities fell by 20 percent.

In 2011, Symantec blocked more than 5.5 billion malicious attacks, and saw the number of unique malware variants jump to 403 million, company officials said. In addition, the number of Web attacks blocked per day increased 36 percent.

Symantec€™s findings are similar to what Hewlett-Packard reported in its 2011 "Top Cyber-Security Risks Report," announced April 19. In that report, HP officials said that the number of vulnerabilities in 2011 dropped 20 percent from 2010, but that the risks involved in those vulnerabilities is growing. HP also found that the number of cyber-attacks more than doubled in the second half of the year.

In their report, Symantec officials noted that targeted attacks, which had been associated primarily with attacks on larger organizations, are becoming more common among small and midsize businesses (SMBs). More than half of the targeted attacks€”which use social engineering and customized malware to get unauthorized access to sensitive data€”were aimed at businesses with fewer than 2,500 employees, with 18 percent targeting companies with fewer than 250 workers.

€œThey€™re not just targeting executives with deep access to confidential information either,€ Kevin Haley, director of product management for Symantec Security Response, said in an April 30 post on the company blog. Fifty-eight percent €œof people who are being targeted are in positions such as public relations, human resources and sales€”positions that can provide cyber-criminals with corporate information and open the door to more attacks. Advanced persistent threats, stealthy attacks by well-funded and organized groups, are also on the rise.€

The number of daily targeted attacks increased from 77 per day to 82 per day by the end of 2011, Symantec said.

This Past Year Can Be Viewed as the Year of Android Malware

Mobile vulnerabilities grew 93 percent in 2011, and there was a jump in threats that targeted Android. Last year, for the first time, mobile malware presented a €œtangible threat to businesses and consumers,€ Symantec officials said. The relatively open nature of Android and its apps market is making the Google operating system an attractive target for cyber-criminals, according to security firms. In March, security software vendor Total Defense noted that 25 times more Android malware was detected in 2011 than in 2010.

€œThis past year can be viewed as the year of Android malware with more than 9,000 escalations, clearly illustrating the exponential growth of threats targeting this platform,€ Total Defense CEO Paul Lipman said at the time his company€™s report was released. €œThe rise of Android malware opens up an interesting debate about security architectures and the merits of open versus closed systems. While users have the ability to install any code, from anywhere, the problem is that criminals see this as an advantage, too.€

In February, a report by Juniper Networks found that malware targeting Android grew 3,325 percent in the last seven months of 2011.

There was some good news on the mobile front, according to Symantec€™s Haley.

€œOne bright spot in the report is the reduction in spam emails being sent€”from 88 percent of all email volume to 75 percent€”as authorities shut down one of the largest botnets in the world,€ he said. €œBut while the number of spam emails declined, there was an increase in phishing emails and other scams. Malware is still rampant on Websites and in email. Surprisingly, the report notes that 61 percent of Websites exposing users to malware are actually legitimate sites that have been compromised, rather than sites created for the sole purpose of infecting users. And 4 to 5 percent of business email messages sent now contain malware.€

The Symantec report also noted the increase in data breaches, with a rising concern over the issues of lost mobile devices. About 1.1 million identities were stolen during each data breach last year, a significant increase over previous years, the company said. While hacking incidents were a key threat€”exposing more 187 million identities last year€”data breaches were more likely to be caused by lost smartphones, tablets, USB keys or backup devices. Such lost or stolen devices exposed 18.5 million identities.

Symantec officials expect that number will go up, and smartphones and tablets continue to outsell PCs, and more people are using these devices for work, part of the bring-your-own-device (BYOD) trend in organizations that still are trying to determine the best ways to secure and manage these devices that are accessing the corporate network.

Earlier research by Symantec found that half of lost mobile phones are not returned, and 96 percent of lost phones will sustain a data breach.


Rocket Fuel