ISLANDIA, N.Y., Oct. 5 /PRNewswire/ -- Nearly two billion people
today use the Internet to conduct business, communicate with family
and friends, stay-in-touch with current events and entertain
themselves – and in doing so, expose themselves to an extensive and
growing number of malware threats.
CA Technologies (Nasdaq: CA) has released its State of the
Internet 2010: A Report on the Ever-Changing Threat Landscape to
provide an in-depth look at the most prevalent threat activity in
the first half of 2010 including the emergence of organized
"Crimeware-as-a-Service" that is fueling the rapid development of
sophisticated new threats. The State of the Internet 2010 white
paper provides industry insights based on the extensive catalog of
received and processed infections reported by CA Technologies'
Internet security customers and partners around the world in the
first half of 2010.
In the new report from CA Technologies Internet Security team,
researchers identify more than 400 new families of threats--led by
rogue security software, downloaders and backdoors. Trojans
were found to be the most prevalent category of new threats,
accounting for 73 percent of total threat infections reported
around the world. Importantly, 96 percent of Trojans found were
components of an emerging underground trend towards organized
cybercrime, or "Crimeware-as-a-Service."
"Crimeware isn't new, but the extent to which a services model
has now been adopted is amazing," said Don
DeBolt, director of threat research, Internet Security, CA
Technologies. "This new method of malware distribution makes it
more challenging to identify and remediate. Fortunately, security
professionals and developers are diligent about staying one step
ahead of these cyber criminals."
The most notable threats and trends of 2010 to-date include:
- Rogue or Fake Security Software: Also known as
"scareware" or Fake AV, the first half of 2010 saw this category of
malware continue its dominance. Google became the preferred target
for distribution of rogue security software through Blackhat SEO,
which manipulates search results to favor links to infected
websites domains. Rogue security software displays bogus alerts
following installation and will coerce users to pay for the fake
product/service. An interesting trend observed recently is the
prevalence of rogue security software cloning, whereby the software
employs a template that constructs its product name based on the
infected system's Windows operating system version, further
enhancing its perceived legitimacy.
- Crimeware: 96 percent of Trojans detected in H1 2010
functions as a component of a larger underground market-based
mechanism which CA Technologies Internet Security has termed
"Crimeware-as-a-Service." Crimeware essentially automates
cybercrime through collecting and harvesting of valuable
information through a large-scale malware infection that generates
multiple revenue streams for the criminals. It is an on-demand and
Internet-enabled service that highlights cloud computing as a new
delivery model. This crimeware is primarily designed to
target data and identity theft in order to access user's online
banking services, shopping transactions, and other Internet
services.
- Cloud-Based Delivery: Research revealed cybercriminals'
growing reliance on using cloud-based web services and applications
to distribute their software. Specifically, cybercriminals are
using web and Internet applications (e.g. Google Apps), social
media platforms (e.g. Facebook, YouTube, Flickr, and Wordpress),
online productivity suites (Apple iWorks, Google Docs, and
Microsoft Office Live), and real-time mobile web services (e.g.
Twitter, Google Maps, and RSS Readers). For example, recent
malicious spam campaigns are posing as email notifications
targeting Twitter and YouTube users, luring targets to a click on
malicious links or visit compromised websites. The Facebook
ecosystem has been an attractive platform for abusive activity
including cyberbullying, stalking, identity theft, phishing, scams,
hoaxes and annoying marketing scams.
- Social Media as the Latest Crimeware Market: CA
Technologies recently observed viral activities and abusive
applications in popular social media services such as Twitter and
Facebook – the result of a strong marketing campaign in the
underground market. CA Technologies Internet Security has observed
a black market evolving to develop and sell tools such as social
networking bots. Underground marketers promote new social
networking applications and services that include account checkers,
wall posters, wall likers, wall commenters, fan inviters, and
friend adders. These new crimeware-as-a-service capabilities became
evident as observed from the latest Facebook viral attacks and
abusive applications that are now being widely reported.
- Spamming Through Instant Messaging (SPIM): One new
vector used to target Internet users is SPIM, a form of spam that
arrives through instant messaging. CA Technologies Internet
Security observed an active proliferation of unsolicited chat
messages on Skype.
- Email Spam Trends: When examining email spam trends, the
Internet Security team tracked the usage of unique IP addresses in
an effort to determine the source of the most prevalent spam bot
regions. Based upon its observation, the EU regions ranked as the
number one source of spam recording 31 percent, followed by 28
percent in Asia Pacific and
Japan (APJ), 21 percent in
India (IN), and 18 percent in
the United States (US).
- Mac OS X Threats: Attackers gaining interest remains
during the first half of 2010, the ISBU witnessed Mac-related
security threats including traffic redirection, Mac OS X ransomware
'blocker' and notable spyware 'OpinionSpy'.
CA researchers continue to urge all users to be security-aware
when accessing information via the Internet and have provided the
following security tips to help ensure safe computing,
including:
- Do NOT open email from people you don't know. Think twice and
verify before clicking a URL or opening an attachment.
- Implement a strong password that you can remember.
- When conducting online banking or financial transactions, make
sure your browser connection is secure.
- Encrypt online communication and confidential data.
- Back up your important data. Keep a copy of all your files and
store them separately.
- Be cautious about instant messaging. Avoid chatting with people
you don't know.
- Protect your identity while enjoying online social networking
activities. Be wary of clicking links or suspicious profiles. Be
aware when installing extras such as third party applications; they
may lead to malware infection, or attackers could use them to steal
your identity.
- If you are using Adobe PDF Reader, prevent your default browser
from automatically opening PDF documents.
- Check for and install security updates regularly.
The CA Technologies 2010 State of Internet Security
report is intended to inform consumers and businesses of the newest
and most dangerous online threats, forecast trends and provide
practical advice for protection. The analysis provided is based on
incident information from the CA Technologies Global Security
Advisor team, submitted by the company's Internet security
customers and consumers, as well as publicly available information.
For access to the full report and additional tips, please visit:
http://www.ca.com/files/SecurityAdvisorNews/h12010threatreport_244199.pdf
The CA Technologies Global Security Advisor Team delivers the
around-the-clock, dependable security expertise, offering trusted
security advice to the world for more than 16 years. Providing a
complete threat management resource, the team is staffed by
industry-leading researchers and skilled support professionals. It
offers free security alerts, RSS feeds, PC scans and a regular blog
updated by the worldwide team of researchers. In March 2008, CA Technologies and HCL America
announced a partnership agreement. As part of this agreement, HCL
provides research, support and product development for CA
Technologies entire portfolio of threat-related products for home,
small and medium businesses, and enterprises.
(Logo: http://photos.prnewswire.com/prnh/20100516/NY05617LOGO
)
(Logo: http://www.newscom.com/cgi-bin/prnh/20100516/NY05617LOGO
)
About CA Technologies
CA Technologies (Nasdaq: CA) is an IT management software and
solutions company with expertise across all IT environments – from
mainframe and distributed, to virtual and cloud. CA Technologies
manages and secures IT environments and enables customers to
deliver more flexible IT services. CA Technologies innovative
products and services provide the insight and control essential for
IT organizations to power business agility. The majority of the
Global Fortune 500 relies on CA Technologies to manage evolving IT
ecosystems. For additional information, visit CA Technologies at
www.ca.com.
Follow CA Technologies
- Twitter
- Social Media Page
- Press Releases
- Podcasts
Legal Notices
Copyright © 2010 CA. All Rights Reserved. One CA Plaza,
Islandia, N.Y. 11749. All trademarks, trade names, service marks,
and logos referenced herein belong to their respective
companies.
Contact
|
|
Jessica Cassady
|
|
(610) 247-0898
|
|
jessica.cassady@ca.com
|
|
|
SOURCE CA Technologies
Copyright t. 5 PR Newswire