Familiar Attacks Still Wreaking Havoc, HPE Cyber Risk Report Finds

Hewlett Packard Enterprise’s latest Cyber Risk Report provides some insights into how threats have changed, and how they haven’t.

CVE-2010-2568, which was first reported in 2010, was identified in the HPE report as being the top vulnerability exploited in 2015. The CVE-2010-2568 flaw helped enable the Stuxnet worm that was used as a weapon against an Iranian nuclear facility in 2010.

When looking at the proportion of vulnerabilities discovered in 2015, Windows represented 50 percent of malware samples.

The Allaple Windows worm is the top Windows malware identified in the HPE report, representing 26 percent of malware samples seen in 2015. Allaple is not a new worm and, according to HPE, was first discovered more than eight years ago.

With Windows remaining a top malware target, it should come as no surprise that Microsoft’s programming languages .NET and Visual Basic were the leading languages used to create malware in 2015.

HPE’s report noted that Apple OS X came under increasing attack by what is known as potentially unwanted applications (PUAs) in 2015. The most widespread PUA is one known as Macnist at 62 percent of OS X threat samples seen in 2015.

Ransomware was once again a real challenge for mobile users, particularly Android users. HPE reported that January was the most active month in 2015 for Android ransomware sample discovery.

Multiple forms of malware attacked Apple iOS in 2015. Among them was the Xcodeghost attack, which represented 26 percent of the malicious iOS apps discovered in 2015. Xcodeghost was first reported in September and is actually a form of compiler malware that impacts the Xcode developer tool, used to build iOS apps.

When looking specifically at Web or email exploit samples, HPE’s report identified regular HTML Web pages that include JavaScript as being a top exploit vector at 35 percent, ahead of PDF at 31 percent.