New Cyber Security Threats Noted in Blue Note Annual Report

A new report on consumer online behaviour and criminal activities on the Internet noted that new security threats have recently emerged, prompting the implementation of a mix of security solutions to protect unsuspecting victims.

Blue Coat’s annual ‘Blue Coat Web Security Report for 2009’ released recently noted that security solutions are finding it difficult to keep up with the rapid attacks by cyber criminals. The popularity of social networking activities online is also making the Internet more vulnerable to recent attacks.

Based on data collected from Blue Coat WebPulse service, a cloud-based collaborative security solution, the annual report noted that the average lifespan of malware dropped to two hours in 2009, from seven hours in 2007. With this faster malware lifecycle, patches and downloads are unable to keep pace with cyber criminal activities.

The popularity of social networking has also diverted the attention of cyber criminals. The Blue Coat report noted that social networking sites accounted for 25 per cent of activity among the top 10 URL categories last year. Web-based e-mail, on the other hand, dropped in popularity from fifth place in 2008 to ninth in 2009.

“The battlefield for information security against identity theft and cyber crime is the Web. The Web, and especially social media, is where the apps are, where the eyeballs are and, therefore, where the attacks are,” said Andreas Antonopoulos, senior vice president and founding partner of Nemertes Research.

Fake security

Meanwhile, two of the most common Web-based threats the report noted were the “fakes” — fake anti-virus software and fake video codec. Though Blue Note noted that these are not the “drive by” attacks seen in recent years, these fakes nevertheless dampen cyber security efforts as they exploit user trust. These threats are not as vulnerable as other threats since these are triggered by human behaviour. Nevertheless, they are threats to cyber security.

Chris Larsen, senior malware researcher at Blue Coat Systems, said: “The increasing use of link farms to manipulate search engine results and prey on the trust users have in their Internet experience drove many of the malware exploits we saw in 2009 and are continuing to see in 2010. To provide comprehensive protection in the face of these threats, enterprises need not only a layered defence but also better user education.”

Another development that Blue Note raised in new criminal activities on the Web is malware that lurks on unexpected websites. In 2009, online storage and software downloading sites were the two most common hiding places for Web-based malware, the report noted.

“The number of online storage sites grew 200 per cent over the previous year, and this growth, coupled with the nature of the service, makes them an ideal and easily accessible malware storage location,” the report stated.

New developments

Another threat that online users should be aware of is advanced spyware. Blue Note observed that the number of malware sites, or sites that store malware for download on victims’ computers, nearly doubled last year. But more surprising is the 500 per cent increase in the number of malware effects sites, or phone-home sites that collect data from an infected computer.

“This is largely attributable to the emergence of advanced spyware that generates multiple URLs for possible activity, increasing the likelihood that one or more of the URLs will remain undiscovered long enough for cyber criminals to retrieve stolen information,” stated the report.

To help curb the proliferation of malicious activities online, Blue Note recommended the combination of cyber defences to include traditional Web gateways and cloud-based intelligence offering real-time analysis which can be made available to end-users.

Antonopoulos of Nemertes Research added: “As today’s threats move too fast for “patch and distribute” strategies, enterprises must adapt and deploy defences that are scalable, real time and community intelligence-based to protect employees regardless of location.”