Users’ Online Behavior Deeply Influence Cyber Attack Techniques
In its annual report for 2009, security firm "Barracuda Labs" indicates the changes in Internet user behavior and the consequent attacker trends. The report mentions that human behavior like the use of social networking sites and search topics on the Internet contributes in influencing the assault techniques of cybercriminals.
As per the report, search result poisoning along with social engineering (phishing and FakeAV) are the techniques used in 69% cyber assaults, as compared to 39% conducted using software vulnerabilities.
The attacks on social networking websites is due to their immense popularity and huge user base, noted the security firm. For example, between November 2008 and April 2009, 48 out of the top 100 Twitter celebrities at present started using this service. Consequently, this led to a radical increase in public interest, which rose from 2% growth rate in November 2008 to a 21% growth rate by April 2009.
Realizing the opportunity, criminals came in, contributing to 66% increase in Twitter attacks during the period. According to Barracuda an attack involve not just developing fake accounts, but exploiting direct messages to distribute malicious links by using the current news stories, and employing direct messages to run their spam campaigns.
Chief research officer for Barracuda Networks, Dr. Paul Judge, informed that as social networking sites, and particularly Twitter, become increasingly entrenched in everyday business, it is important to understand the nature of assaults these websites are facing, as well as the way in which networks and users can be hijacked, as per the news reported by LIVE-PR on March 10, 2010.
Further, the report disclosed that 92.24% from 700 Billion mails Barracuda Labs analyzed in 2009 were spam. Out of this volume, 0.07% were found infected with harmful threats, 1.12% were suspicious and just 6.57%were authentic. phishing attacks and trojans were the major kinds of malware embedded in an e-mail.
The report also claims that Web exploit kits were heavily used by cyber attackers to host exploits on hacked sites. These kits carry small pieces of code that will be accessed by visitors to the websites that are otherwise authentic. The exploit webpage usually makes attempts at numerous exploits based on a variety of vulnerabilities in user's browser, software and machine.
Related article: Users Making Opening Online Accounts To Identify Thefts
» SPAMfighter News - 17-03-2010