There’s a reason 2011 was called the year of the hack. We saw an 81 percent increase in cyber attacks, according to Symantec, which says it stopped 5.5 billion malicious attacks last year alone.
“It’s really the automation and tool-kits that these folks are using,” said Symantec project manager John Harrison in an interview with VentureBeat. “I think we’re finding we’re not just up against a couple individuals — it’s more and more folks who are doing this. And they’re doing it primarily for financial reasons.”
Harrison explained that hackers from everywhere are able to quickly create malware due to automated tools. In 2011, over 403 million unique malware variants were found, according to a report by Symantec. That’s 41 percent higher than the year prior, and enough variants that every human living in the U.S. could have their own personal malware named after them. Of those 403 million malware variants, many were just slight tweaks on a previous type of malware. For instance, if you have a piece of malware that entered a system through a vulnerability that was recently closed, the malware writer can change the virus using automation to exploit a new hole.
The recent Mac Flashback Trojan is a good example of this. Within a few weeks of the Trojan being discovered, two new variants — Flashback.N and Flashback. S — were found infecting Macs after Apple had patched up its hole in Java.
“It’s definitely becoming wider scale,” said Harrison. “With web attack tool-kits, anyone with $100 and very little knowledge [can create malware]. We call it the consumerization of malware attack kits.”
Symantec warns that it’s not just big businesses and executives who are being targeted by cyber criminals. Any size company and any level of employee can attract a hack. Most hackers seem to be looking for personally identifiable and financial information to be sold on the black market. In 2011, 1.1 million identities were stolen per large breach, small breaches add up as well.
Another reason a small business might be hacked is the opportunity to gain access to a bigger fish through that company. “What’s [a] better [way] to attack the U.S. government than attacking it from inside a company in the U.S.?” said Harrison.
He predicts that 2012 is going to be the year of the mobile hack, as the devices become a part of who we are, and carry much of our sensitive data. Rogue applications are infiltrating app marketplaces like Google Play every day. In addition to mobile, it’s time for Apple computers to watch out. Harrison says now is the time to buy Mac antivirus software.
Mac viruses will increase as hackers gain the tools to create cross-platform viruses that can travel from mobile to Mac to PC without needing new variants.
Map image via Symantec
VB's research team is studying web-personalization... Chime in here, and we’ll share the results.