Cyber criminals have moved beyond the traditional PC, targeting Android, social media and even the Mac OS X with new attacks, according to Trend Micro’s 2012 Annual Roundup and Mobile Security reports. Malware targeting Android alone outpaced its Windows equivalent by 14:3 and Trend Micro predicts that threats on the mobile platform will pass the one million mark this year.
2012 Annual Security Roundup – Evolved Threats in a “Post-PC” World
Most of our predictions for 2012 have come true, as a critical mass of threats escalated past the desktop environment to mark the beginning of the Post-PC era.
2012 ended with 350,000 threats for Android as detected by Trend Micro. Malware growth reached 14-3 for Android versus PC, and it only took Android three years to reach the PC volume of malware threats achieved within fourteen years.
2012 is also the year that Java supplanted pure Windows-based threats in the attackers’ cross-hairs leading, among other things, to the first widespread attack against the Mac.
English and Russian lead among the Top 10 Spam languages while India leads among the Top 10 Spam- Sending Countries.
Social media platforms continued to grow as areas of concern with attackers targeting them more, users putting themselves at risk by oversharing on them, and their legitimate services being co-opted to support cyber criminal activities.
Enterprises and organisations suffered from data breaches and targeted attacks at an alarming rate. In one incident alone, the Global Payments data breach, costs have already reached US$94 Million and are still climbing. Targeted attacks are being helped along by the “children of STUXNET”: attack code and kits like Flame, Duqu and Gauss that are derived from the STUXNET attack three years ago.
2012 was also the year of sophisticated APT’s such as Luckycat, Taidoor, IXESHE.
Attackers adopted more professional software development practices rather than introducing new attacks. The Blackhole Exploit Kit (BHEK), Automatic Transfer Systems (ATSs) and Ransomware were all refined and improved with new features in ways that would make any commercial software vendor proud.
2012 Mobile Threat and Security Roundup – Repeating History
The growing mobile-threat environment is a key element of the Post-PC threat era, with Android Malware accomplishing in three years what PC threats took 14 years to achieve. What is also concerning is that only 20% of Android device owners use a security app. This is not a risk worth taking, as by year end 2012 there were 350,000 threats facing this relatively new mobile platform. Trend Micro predicts that Android threats will increase to 1 million in 2013.
Along with advice for users and IT professionals, readers will find:
New data as it relates to Aggressive adware in mobile devices as well as data leakages that aren’t always limited to malicious apps, since even popular and legitimate apps can disclose data. Nigeria tops the list of Top 10 countries at risk of downloading malicious apps. India leads the list of Top 10 countries at risk of privacy exposure. Thailand cell phones suffer the most out of Top 10 Countries when it comes to the Most Battery-Draining Apps.
Overall, 2012 unfolded much as our Chief Technology Officer Raimund Genes predicted, particularly around post-PC threats and the sophisticated targeting of attacks against specific organisations. As he noted then: “Our hope that new OSs would make the world a safer place didn’t work out.”
The post-PC malware era is here to stay, and the stakes are higher than ever.