Malware, Encrypted Hacks Seeing Steep Rise: Study

by CXOtoday News Desk    Feb 26, 2016


According to the recent Dell Security Annual Threat Report, there has been a marked increase in the number of malware attacks over the past year. The report also observes a continued surge in SSL/TLS encryption that is giving cybercriminals more opportunities to conceal malware from firewalls, and notes that Android malware rose steadily throughout the year.

“Cybercrime has increased significantly around the globe in 2015 and there have been repeated incidents of breaches against organizations who believed that they had carried out their end-to-end security deployment perfectly,” said Amit Singh, Country Manager, Dell SonicWALL.

“An organization’s security program extends from their own software and systems, to employees’ training and access, to everyone who accesses the organization’s network or data. In today’s connected world it is critical to maintain 360 degrees of vigilance,” added Singh.

“Many of the breaches in 2015 were successful because cybercriminals found and exploited a weak link in victims’ security programs due to disconnected or outdated point solutions that could not catch these anomalies in their ecosystem,” said Curtis Hutcheson, general manager, Dell Security.

Rise in exploit kits

The report sees a rise in the use of exploit kits. While the year’s most active kits were Angler, Nuclear, Magnitude and Rig, the overwhelming number of exploit kit options gave attackers a steady stream of opportunities to target the latest zero-day vulnerabilities, including those appearing in Adobe Flash, Adobe Reader and Microsoft Silverlight.

The report further shows that cybercriminals employed a number of new tactics to better conceal exploit kits from security systems, including the use of anti-forensic mechanisms; URL pattern changes; steganography, which is the concealment of a file, message, image, or video within another file, message, image, or video; and modifications in landing page entrapment techniques.

“Exploit kit behavior continued to be dynamic throughout the year,” explained Patrick Sweeney, vice president of Product Management and Marketing, Dell Security. The study shows SSL/TLS encryption continued to surge, leading to under-the-radar hacks affecting at least 900 million users in 2015.

Using SSL or TLS encryption, skilled attackers can encrypt command-and-control communications and malicious code to evade intrusion prevention systems (IPS) and anti-malware inspection systems.

“The good news is that there are ways to enjoy the security benefits of SSL/TLS encryption without providing a tunnel for attackers,” said Sweeney. “In addition to general security best practices like updating your software, you can upgrade to a capable, extensible next-generation firewall with integrated SSL-DPI inspection.”

Malware for Android continued to rise

In 2015, Dell SonicWALL saw a range of new offensive and defensive techniques that attempted to increase the strength of attacks against the Android ecosystem, which accounts for a majority of all smartphones globally.

“Even though the release of Android 6.0 Marshmallow operating system in October 2015 included a slew of new security features, we can expect cybercriminals to continue finding ways to circumvent these defenses,” said Sweeney. “Android users should exercise caution by only installing applications from trusted app stores like Google Play, keeping their eye on the permissions being requested by apps, and avoiding rooting their phones.”

“The threat vectors for malware distribution are almost unlimited, ranging from classic tactics like email spam to newer technologies including wearable cameras, electric cars, and Internet of Things (IoT) devices,” said Sweeney. “In today’s connected world, it’s vital to maintain 360 degrees of vigilance, from your own software and systems, to your employees’ training and access, to everyone who comes in contact with your network and data.”

The Dell Security Annual Threat Report also forecasts that the battle between HTTPS encryption and threat scanning will continue to rage, as companies fear performance trade-offs. The number of zero-day Adobe Flash viruses, on the other hand, is likely to drop gradually because major browser vendors no longer support Adobe Flash.