Cisco Sees Jump In Java Attacks
About 10% of malware encounters come through search engines, with Google leading the list.
How Firesheep Can Hijack Web Sessions
(click image for larger view)
Slideshow: How Firesheep Can Hijack Web Sessions
Watch out for "malware encounters." On average, enterprise users come face-to-face with 133 web-based pieces of malware per month, although in August, such encounters spiked to an average of 140 per month. About 10% of malware was encountered via search engines or related services; 7% could be traced to Google, followed by Yahoo at 2%.
Those findings come from a new Cisco Global Threat Report investigating security trends in the third quarter of 2010.
Interestingly, in that timeframe, exploits against Java rose, while attacks against Adobe Acrobat and Reader declined. "Exploits targeting Sun Java increased from 5% of all malware encounters in July 2010 to 7% in September 2010," said Mary Landesman, market intelligence manager at Cisco. "However, PDF exploits targeting Adobe Reader and Acrobat actually declined over the quarter, from 3% of all web malware blocks in July 2010 to 1% in September 2010."
When it comes to malware, some industries also see more attention from attackers. The businesses most at risk are pharmaceutical and chemical companies, which saw the number of attacks aimed at them increase in recent months by 372%. Other industries that saw substantial increases in malware that targeted them included the energy and oil sector (a 209% increase in malware), and agriculture and mining (169%).
In terms of botnets, at least judging by traffic volumes, Rustock appears to be king. Cisco said that between July and September 2010, one out of every five security events handled by its security monitoring service involved Rustock.
"The Rustock botnet was the most frequently encountered event handled by Cisco Remote Operations Services (ROS), peaking in late August," said Landesman. "This botnet is believed to be one of the largest purveyors of spam and has been most predominantly affiliated with sending pharmaceutical and counterfeit watch spam, often in the form of a breaking news alert, a tactic first popularized by the Storm botnet."
Thankfully, 65% of malware attacks get blocked before ever reaching a PC, said Cisco. Of the attacks that make it through, Cisco said that exploits targeting Sun Java, Adobe Reader and Acrobat, and Adobe Flash are the three most commonly seen.
About the Author
You May Also Like
A Cyber Pros' Guide to Navigating Emerging Privacy Regulation
Dec 10, 2024Identifying the Cybersecurity Metrics that Actually Matter
Dec 11, 2024The Current State of AI Adoption in Cybersecurity, Including its Opportunities
Dec 12, 2024Cybersecurity Day: How to Automate Security Analytics with AI and ML
Dec 17, 2024The Dirt on ROT Data
Dec 18, 2024