User error is the biggest threat on the Internet

Sophos unveiled a detailed assessment of the threat landscape – from hacktivism and online threats to mobile malware, cloud computing and social network security, as well as IT security trends for this coming year.

Year in review: Under attack

2011 was characterized by a rise in cybercrime. The availability of commercial tools designed by and for cybercriminals made mass generation of new malicious code campaigns and exploits trivial and scalable. The net result was significant growth in the volume of malware and infections.

Cybercriminals also diversified their targets to include new platforms, as business use of mobile devices accelerated. Politically motivated hacktivist groups took the media spotlight, even as the more common threats to cyber security grew.

Hype over hacktivism

The emergence of LulzSec and Anonymous marked a shift from hacking for financial gain to hacking as a form of protest. Hacktivists sowed chaos by leaking documents and attacking websites of high-profile organizations and even defense contractors. LulzSec dominated headlines in the first half of the year with attacks on Sony, PBS, the U.S. Senate, the CIA, FBI affiliate InfraGard and others, and then disbanded after 50 days.

Risky business

Increasingly, corporate users weren’t just at home or at work, but somewhere else on the “everywhere network.” And the consumerization of IT, sometimes called “bring your own device” or BYOD, became one of the newer causes of data vulnerability. Employees accessed sensitive corporate information from their home computers, smartphones and tablets. Moreover, corporate-issued mobile devices increased risk, as did the rise of cloud services and the use of social media.

According to the Sophos online poll, which asked users if their company allows personal laptops, desktops or phones for work, nearly 50 percent of respondents said yes. Another 10 percent who said their company doesn’t allow personal devices for work preferred they did.

Changing web threats and drive-by downloads

Cybercriminals constantly launched attacks designed to penetrate digital defenses and steal sensitive data. Almost no online portal proved immune from threat or harm. SophosLabs identifies an average of 30,000 newly-infected web pages each day. More than 80 percent of these web pages are on innocent web servers, which have been hacked by cybercriminals to make them part of the problem.

Additionally, 85 percent of all malware, including viruses, worms, spyware, adware and Trojans, comes from the web, according to the Ponemon Institute. Today, drive-by downloads have become the top web threat, and in 2011, one crimeware kit, known as “Blackhole,” rose to the number one on that list.

In the Sophos online poll, users were asked about the prevalence of malware compared to 2010; 67 percent of respondents felt it was on the rise.

The emergence of Mac malware

Microsoft Windows may be the most attacked OS, but the primary vectors for hacking Windows have been through PDF or Flash. Despite Microsoft’s regular updates to patch Windows OS vulnerabilities, the content delivery systems remained the largest vulnerability on any OS. In 2011, the emergence of malware for the Mac upstaged Windows malware. There’s no doubt that the Windows malware problem is much larger than the Mac threat, but the events of 2011 show Mac users that the malware threat is genuine.

Top trends

There are many factors that will impact the IT security landscape this year and into the future. These include new attacks using social media platforms and integrated apps, more targeted attacks on non-Windows platforms, and mobile payment technologies under threat, among others which are highlighted within the report.

“As cybercriminals expand their focus, organizations are challenged to keep their security capabilities from backsliding as they adopt new technologies,” said Mark Harris, vice president of SophosLabs, Sophos. “And as we continue to access information in different ways, from different devices in different locations, security tools must be able to “protect everywhere’ – from desktops to mobile and smart devices and the cloud. But more importantly and oft-disregarded, cybercriminals will continue to stalk the easiest prey – security basics like patching and password management will remain a significant challenge.”