Cyber-Attackers Focus on Small Businesses, Web-Based Malware: Symantec

In its annual Internet Security Threat Report, Symantec reported that it's seeing more targeted attacks and a focus on Web attacks, instead of email being used to send malware attachments.

Targeted attacks have increased in the last year with a larger proportion targeting small businesses, security software company Symantec stated in its Internet Security Threat Report released on April 16.

In 2012, an average of 116 targeted attacks hit organizations every day, up from 82 attacks in 2011, with manufacturing companies replacing government agencies as the favored target of such attacks, the company found. Symantec defines a targeted attack as an operation that focuses on a specific target or victim, to differentiate them from large-scale attacks of opportunity.

Small businesses continue to be a focus of such attacks, with firms of 250 or fewer employees accounting for 31 percent of attacks, Symantec's report stated. The focus on small businesses is likely because attackers see them as a stepping stone into the networks of large companies, Vikram Thakur, principal manager of Symantec's security response group, told eWEEK.

"The fact that government is no longer the No. 1 target—it's manufacturing—supports our assertion that attackers are going after the supply chain," he said.

The trend is one of several highlighted in Symantec's annual analysis of the data collected from its nearly 70 million sensors, which are the endpoint clients, network appliances and network honeypots that report malicious activity to the company.

Among the major trends, Symantec saw the number of Web attacks detected per day increase to 247,000 in 2012, up from 190,000 in 2011. Yet spam appears to be on the decline, with the overall global spam volume dropping to 30 billion messages per day in 2012, down from 62 billion per day in 2010.

"Malware, spam and social engineering continue to be massive, chronic problems," the company stated in the report. "Although they have been around for a long time, attacks continue to evolve and they still have the potential to do serious damage to consumers and businesses."

The company also reported an increase in software vulnerabilities that matched the data from other companies, which is expected as many of the security firms use similar data sources.

The Mac OS X platform continues to attract more attention from attackers, with 10 families of malware targeting the operating system in 2012, according to Symantec. Yet, mass malware attacks still overwhelmingly focus on the Windows operating system, the company said.

"At some point, we will reach the stage where the malware authors will focus on the Mac platform," Thakur said. "I think that's coming, but I don't think we are there yet."

In the mobile arena, malware rose 58 percent in 2012 compared with 2011, but 97 percent of the malicious programs targeted the Android operating system, Symantec stated in the report.

The number of security vulnerabilities in each mobile platform appears to have no correlation to the number of attacks. In 2012, Apple's iOS had 387 vulnerabilities publicly reported, while the Android and BlackBerry operating systems had only 13 vulnerabilities each. Yet far more malware hit the Android OS, with about 140 families of malware, each with more than 4,000 variants on average, targeting the platform.

Robert Lemos

Robert Lemos

Robert Lemos is an award-winning freelance journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he's...