Web malware, more advanced and targeted than ever

Share this article:
End-users working in the energy-and-oil sector are most at-risk to succumbing to web malware, according to ScanSafe's annual threat report released this week.

Based on an analysis of 200 billion web requests processed by the security company on behalf of its worldwide customer base, the top five verticals most susceptible to web malware infection were energy and oil, pharmaceutical and chemical, engineering and construction, transportation and shipping and travel and entertainment.

Mary Landesman, ScanSafe's senior security researcher, told SCMagazineUS.com on Wednesday that this is likely attributable to the vast amounts of intellectual property stored by those sectors. Thus, an attacker who can steal data may be able to handsomely profit by, say, selling the goods to a competitor.

In total, incidents of web malware infection surged 582 percent last year, with significant rises visible toward the end of 2008, correlating with the worsening economy, Landesman said. Most users were infected by visiting a website that contained a malicious IFRAME or source reference, which initiated an exploit of a vulnerability, usually in Adobe Flash or Reader, she said. Data-theft trojans, meanwhile, rose 1,559 percent last year, the report showed. Landesman said job losses and general uncertainty may be attracting more people to cybercrime.

She added that the trojans ScanSafe analyzed were highly customizable, meaning they could be configured to launch attacks such as address resolution protocol (ARP) poisoning. ARP poisoning is a man-in-the-middle attack in which a compromised machine will claim to be target device – for instance, a printer – and any traffic sent to that IP address in good faith is delivered to the attacker.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Next Article in News

Sign up to our newsletters


More in News

ISSA tackles workforce gap with career lifecycle program

ISSA tackles workforce gap with career lifecycle program ...

On Thursday, the group launched its Cybersecurity Career Lifecycle (CSCL) program.

Amplification DDoS attacks most popular, according to Symantec

Amplification DDoS attacks most popular, according to Symantec

The company noted in a whitepaper released on Tuesday that Domain Name Server amplification attacks have increased 183 percent between January and August.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.