Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Third Quarter Sees 10 Percent Increase In Blocked Malware Attack Attempts

Kaspersky Lab UK : 23 December, 2010  (Technical Article)
Kaspersky Lab reports on the quarterly growth in malware attacks with particular focus on Stuxnet and fake certificates
During the third quarter of 2010, Kaspersky Lab's products blocked over 600 million attempts to infect users' computers with malicious and unwanted programs. This is a 10 percent increase on the second quarter's figure, according to Kaspersky Lab's quarterly malware report.

The well publicised Stuxnet epidemic received the most attention during the third quarter and confirms the theory that malware is rapidly becoming more sophisticated. An analysis of the worm has shown that it was designed to change the logic within programmable logic controllers (PLCs) embedded into inverters which are used to control the rotation speed of electric motors. These PLCs operate with very high speed motors that have limited applications, such as those in centrifuges.

Stuxnet is the most complex piece of malware in cybercriminals' arsenal to date. The epidemic also marked the beginning of the era of attacks on industrial targets. The worm is unique in that it uses as many as four zero-day Windows vulnerabilities at the same time in order to infiltrate victim computers, and has a rootkit component signed with certificates stolen from integrated circuit manufacturers, Realtek Semiconductors and JMicron.

Kaspersky Lab also highlights how cybercriminals have developed their tactics to make it increasingly difficult for users to identify malicious files. The creators of adware, riskware and Rogue AVs frequently use stolen certificates to prevent their malware from being detected. "Judging by what we are seeing today, the problem of stolen certificates may become even more significant in 2011," according to Kaspersky Lab's Yury Namestnikov, author of the report 'IT Threat Evolution for Q3-2010'.

According to Kaspersky Lab's experts, the number of virus incidents relating to malicious files bearing certificates will increase dramatically in the near future. More worryingly still, sophisticated malware capable of running on 64-bit platforms will also increase.

Exploiting vulnerabilities, as before, has remained highly popular with the cybercriminal fraternity. Four new vulnerabilities emerged in the quarterly ranking: two in Adobe Flash Player products, one in Adobe Reader and one in Microsoft Office. Additionally, the Top 10 included three vulnerabilities discovered in 2009 and one discovered in 2008. This statistic shows that some users have not updated their software for years. All of the vulnerabilities listed in the Top 10 allow cybercriminals to take full control of the target system.

"The third quarter's events demonstrate that we are currently on the threshold of a new era in the evolution of cybercrime," said Namestnikov. "The concept of mass infection, as seen with the Klez, Medoom, Sasser and Kido worms is going to give way to precision strikes."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo