Security & Threat Review (2014)
2014 was a busy year for hackers, with over 300 million new pieces of malware released. That’s almost one million new threats per day. Last year also saw a record 24 identified zero-day vulnerabilities. For most users the term zero-day does not mean much; the average user only knows that all malware is bad. So, here at Great Lakes IT Services we thought it would be beneficial for the followers of our blog to be a bit more educated. Understanding the various types of threats and how they are delivered can dramatically improve your chances of NOT getting infected in the first place.
Over the course of the next few weeks we will focus our blog posts on this past year’s security threats. We will cover topics that will help you stay safe on your smartphone, in your email, on social networks and while web browsing in general. In the future we will continue to cover new threats as they emerge. And we will do our best to keep our explanations in non-technical terms. These posts are geared toward the average user, not the IT professional.
Before we look at what happened last year, let’s take a moment to define and explain a few terms.
Vulnerability – an opening or access point into an application or piece of software that can be used to inject a virus or other form of malware
Zero-day vulnerability – a previously undiscovered vulnerability that is now identified. A zero-day attack exploits a previously unknown vulnerability. It’s called zero-day because the software developer whose software contained the vulnerability had zero days to fix the problem once the attack occurred. Zero-day attacks are rare, but when they occur they are very disruptive.
Malware – a generic term that covers all programs designed to be disruptive or to inflict harm, such as: viruses, Trojans, worms, adware, spyware, etc.
Ransomware – a form of malware that steals or takes control of your data and holds it in return for payment
Phishing – hackers pretend to be a trustworthy entity in order to gain access to your system or to acquire information such as passwords, credit card info, etc.
Spear Phishing – a phishing attack that is directed toward a specific person or company
Last Year in Review
Like it or not, most systems were vulnerable last year. The top 5 zero-day attacks last year left many systems vulnerable to attack for a total of 295 days. The most significant of these 5 vulnerabilities was an issue with an ActiveX control in Microsoft operating systems, which would allow hackers to infect your computer with malware if you visited certain infected websites. It took Microsoft 204 days to issue a fix (patch). During that time, all systems were vulnerable if you used Internet Explorer. This vulnerability was not made public until many of us were already infected.
Last year about 60% of all targeted attacks were directed towards small to medium sized businesses. Hackers have found that many of these smaller businesses do not invest in good security and typically do not follow best practices.
The vast majority of attacks are non-targeted, which means that the bad guys hope that you fall prey to one of their infected email attachments or visit one of their compromised websites. They don’t play favorites; they will happily scam anyone.
2014 saw an increase in attacks on virtual machines. In recent years server virtualization has been a growing trend. IT professionals long thought that these machines were safe from viruses, but last year hackers showed that malware has no problem infecting and moving from one virtual environment to another.
Ransomware grew significantly in 2014. Hackers saw that it was profitable to deal directly with end users as opposed to stealing data and then having to find buyers on the black market. The use of Bitcoins for payment made the financial transaction invisible to law enforcement. Ransomware also made the move to mobile devices, with the first attacks seen on Android operating systems.
Talking about mobile, Symantec found that 17% of all Android apps (nearly one million) were actually malware in disguise. No longer are smartphones impervious.
Not only do phones pose a huge opportunity for hackers; in 2014 we also saw attacks on Point of Sale systems, ATMs, home routers, and other non-PC devices. No longer can we be concerned with just protecting our computers.
The world of computing is constantly changing. New technologies are constantly developing and new threats are emerging. Check back for future blog posts where we will delve a little deeper into the threats that lurk in emails, social networks, websites and more. We will also tell you what to look for and how to stay safe. Till next time.