Hong Kong is the country you should head to if you want to experience a malware attack, as, according to Sophos' Security Threat Report 2013, it is the country where you're most likely to face one. According to the report, SophosLabs ranked the riskiest and safest countries for experiencing a malware attack and Hong Kong has emerged as the nation with the highest risk percentage at 23.54 percent of Threat Exposure Rate (TER). Hong Kong was followed by Taiwan at 21.26 percent, UAE at 20.78 percent, Mexico at 19.81 percent and India at 17.44 percent.
As for the safest countries, Norway emerged at the top with 1.81 percent of TER, followed by Sweden with 2.59 percent, Japan with 2.63 percent, UK with 3.51 percent and Switzerland at 3.81 percent. The TER mentioned is measured as the percentage of PCs that experienced a malware attack, whether successful or failed, over a three-month period in 2012.
The report highlighted that 2012 was a year of new platforms and modern malware—what was once a homogeneous world of Windows systems is now a landscape made of diverse platforms. Worryingly, the report stated that modern malware is taking advantage of these trends, thereby creating new challenges for IT security professionals.
80% of attacks in 2012 were redirects from legitimate sites
The report pointed out that the increasing mobility of data in corporate environments has forced IT staff to become even more agile. 2012 was also a retro year driven by a resurgence in traditional malware attacks, specifically malware distributed via the web. For example, more than 80 percent of attacks were redirects, the majority of which were from legitimate websites that were hacked.
It also stated that unprotected computers are vulnerable to different kinds of malware attack. “Exposure to the majority, but not all, comes from simply clicking on links in emails or browsing web pages that happen to be carrying malicious code. Although some websites are created with the intention of infecting visitors, legitimate websites continue to be a popular target for cybercriminals, as once they are compromised, they will infect completely unsuspecting internet users,” the report stated.
Sophos is of the opinion that while a large proportion of cybercrime continues to be opportunistic, in 2013, increased availability of malware testing platforms—some even providing criminals with money-back guarantees—will make it more likely for malware to slip through traditional business security systems. It expects to see an increase in the number of incidents where attackers have gained and sustained surreptitious access to corporate networks.
Sophos states that due to an uptick in credential-based extractions, IT professionals will need to pay equal attention to protecting both their computers as well as their web server environment. There is a fear of more attacks, giving way to a need for placing a greater focus on the need for behavioral protection mechanisms as well as system hardening and backup/restore procedures.
Sophos adds that enhanced exploit mitigation will not mean the end of exploits, instead, the market will see a decrease in vulnerability exploits offset by a sharp rise in social engineering attacks across a wide array of platforms. Sophos interestingly notes that with GPS and near field communication (NFC) becoming more integrated into mobile platforms, one could expect to see a convergence in their digital and physical lives.
“Two of the defining terms of 2012 are ‘empower’ and ‘evolve.’ Attacks and threats—on PCs, Macs and mobile devices—continue to evolve as does the technology to combat them,” said Gerhard Eschelbeck, CTO, Sophos. “As users demand more and better ways to do their jobs, IT continues to evolve, bringing forth a new set of operating systems and other advancements, replete with different security models and attack vectors, making it crucial for security technology to evolve, ensuring that end users are protected and empowered—no matter what platform, device, or operating system they choose,” he added.