Johannesburg, 03 Aug 2011
IT security and data protection firm, Sophos, has published its Mid-Year 2011 Security Threat Report.
It reveals that fake anti-virus and search engine poisoning have become more commonplace, and since the beginning of 2011, Sophos has identified an average of 150 000 malware samples every day.
This equates to a unique malware file being created every half-second, a 60% increase since 2010. In addition, around 19 000 malicious Web site addresses (URLs) are now identified daily, with 80% of those URLs being pages on legitimate Web sites that have been hacked or compromised.
High-profile hacking attacks against governments and corporations have dominated the security landscape in 2011. The result is that other security issues which could pose a greater threat to businesses, governments and consumers - such as fake anti-virus, search engine poisoning and social networking scams - have received less attention.
“With a new, unique malware threat seen almost every half second, it's vital for businesses to build the proper defences. This year has seen a continued massive increase in the volume of malware, in which the Web is the dominant vector for both targeted and mass-scale attacks,” says Brett Myroff, CEO of regional Sophos distributor, Sophos South Africa.
“The virulence of attacks such as fake anti-virus requires a prompt move by IT organisations and consumers to employ more layered Web protection and defences to reduce the attack surface of the devices they use,” he says.
The Mid-Year 2011 Security Threat Report focuses on new types of threats that have dominated the information security landscape since the start of 2011. The report also offers advice on how organisations can properly defend themselves against the new wave of malware and scams.
Key threats identified in the report include:
* Search engine poisoning, also known as Black Hat SEO, is on the rise, threatening businesses of all sizes. Cyber criminals manipulate search results from Google, Bing and Yahoo to lure Web surfers to malicious pages. These criminals usually hijack key words relating to breaking news or other popular search terms. Hackers redirect users to malicious sites that place viruses, worms, Trojans or fake anti-virus software on computers. Search engine poisoning attacks are extremely effective, and account for more than 30% of all malware detected by Sophos's Web Appliance (SWA).
* Social media threats have sharply escalated while mass scale e-mail-focused attacks are diminishing. Facebook users in particular are wary of the social network's safety, with 81% of respondents to a Sophos poll saying Facebook posed the biggest security threat of all social networks - up from 60% in 2010. As Facebook holds so much personal information on users, scam attacks have been severe in 2011. The scams include cross-site scripting, clickjacking, bogus surveys and identity theft.
The full Sophos Mid-Year 2011 Security Threat Report includes additional details of these and many other current and growing security threats. Journalists can access the report by visiting the following link, no registration required: http://www.sophos.com/midyearsecurity2011.
Share