In addition to mobile device risks, web-based attacks remain the primary way threats infect end-user devices, according to the F-Secure report. Java and Flash exploits are top threats, driven by automated attack toolkits. The malware is sometimes forcibly downloaded onto a victim's machine from a malicious website, or users are tricked into clicking a link that starts a malicious download, F-Secure said.
The biggest threat to the network is still user interaction, said Cliff Sweazey, executive vice president of Indianapolis-based systems integrator Innovative Integration. Attackers have gotten better at tricking users using social engineering tactics, Sweazey said.
"If we can get people to stop clicking the 'Yes' or the 'OK' any time they get a false security warning, that would mitigate the vast majority of infections we see," Sweazey said. "The most dangerous viruses are the ones where the user feels like they're doing something right, but it's really very, very wrong."
F-Secure said the arrest of the author of the notorious Blackhole attack toolkit resulted in a temporary decline of some web-based attacks. Cybercriminal gangs are quickly turning to other popular attack toolkits, including the Angler, Styx and Nuclear kits, which use similar methods to drive attacks against Internet Explorer, Flash and Microsoft Silverlight. F-Secure recommends avoiding porn and dating sites, uninstalling Java in the browser, if possible, and not clicking on links or pop-up notifications from suspicious sources.
"Software distributed via the web accounted for 72 percent, or the lion’s share, of the detections in our sample Top 100. So the web is clearly the biggest source of malicious infections," F-Secure said.
The Zeus banking Trojan also continues to spread, security firms say. Fortinet's recent analysis of the threat landscape said the firm saw more than 20 million attempts to infect FortiGate-protected networks. Although Zeus is known as a banking Trojan family, the latest attacks deliver the CryptoLocker ransomware, which encrypts system data and then demands money to unlock the files, Fortinet said.
PUBLISHED MARCH 5, 2014