San Jose, CA (PRWEB) April 04, 2012
ThreatMetrix, the fastest-growing provider of integrated cybercrime prevention solutions, announced today that it has identified the most threatening malware trends and organizational transformations that could wreak havoc on businesses in 2012. These include more innovative Trojan attacks, the growth of Man-In-The-Browser (MitB) page injections, the rising popularity of mobile transactions and Bring-Your-Own-Device (BYOD).
In the last year, we have seen a significant increase in sophisticated MitB Trojan activities targeting financial institutions, payment processors, governments and online businesses, said Andreas Baumhof, chief technology officer, ThreatMetrix. Additionally, cybercriminals are evolving beyond their traditional financial institution targets to now include alternative payment methods and digital currencies.
Technologies such as Facebook credits, Amazon gift cards or payment services where you can transfer money via email will become the new targets. Based on the high success rates of these targeted attacks, we expect this trend to grow exponentially in 2012, posing significant risks to businesses and institutions particularly for organizations that continue to rely on traditional solutions for cybercrime prevention, added Baumhof.
Malware continues to grow in terms of infection rate and new targets. Last year, there were 25 million new, unique strains of malware released and that number is projected to grow to 87 million by the end of 2015, according to the Aite Group. The shift toward BYOD workplace practices contributes to increased risk that corporate assets will be lost in addition to traditional attacks on e-commerce.
As malware continues to become more prevalent, ThreatMetrix has identified other trends and predictions for 2012:
Malicious Trojans will spread in more innovative ways. Social networks, such as Facebook and Twitter, open up new ways for cybercriminals to spread malware in addition to traditional drive-by-downloads, which compromise well-known websites by distributing Trojans automatically. Well-known Twitter accounts are increasingly being infiltrated and used for malware distribution. The Carberp Trojan was distributed in 2010 on a recognized news website in the Netherlands, which pushed infection rates into the hundred-thousands.
More MitB page injections. More fraudsters will employ MitB techniques to add malicious content such as JavaScript to a legitimate website, regardless of the Trojan used. The focus will turn away from solely financial institutions towards alternative payment methods, merchants and government, but also to social networking sites and identity theft in general.
Mobile is the new target. The growth in mobile banking and mobile commerce will make mobile devices a big target for fraudsters. According to Baumhof, mobile devices are already targeted to defeat SMS-based two-factor authentication for Internet banking (Mitmo Trojan). Due to the open nature of the Android operating system, malware can spread quickly and Trojans can easily hijack existing applications (DKFBootKit). Furthermore, we see more and more sophisticated malware, such as remote-controlled banking Trojans (Android/ FakeToken.A) or even rootkits.
Bring-Your-Own-Device (BYOD) trend increases risks. The BYOD trend in todays corporate networks is opening the door for cybercriminals. They are becoming more adept at planting malware that turns employees into unwitting attackers of their own companies or accounts. While historically businesses needed to be vigilant about links from strange emails, BYOD is contributing to todays malware threats through shared devices, search engine poisoning, image searches, hidden URLs, syndicated advertisements, and more.
Security and fraud are converging. Many corporate assets are protected behind a corporate firewall with rigorous access control. The advent of cloud computing and an increased use of non-corporate owned computers such as BYOD have moved these assets outside of the corporate environment and into the cloud. This effectively turns the security paradigm upside-down and shifts it to a fraud problem, which many enterprises havent been able to successfully protect.
The best protection against this years slate of malware threat is to treat fraud prevention and malware detection in a single context, said Baumhof. Apart from the protection itself, one of the biggest benefits is that it provides an early warning system, which produces crucial information for all targeted systems.
For more information, download the latest ThreatMetrix Labs Report or visit http://www.threatmetrix.com.
About ThreatMetrix
ThreatMetrix is the fastest-growing provider of integrated cybercrime prevention solutions. The ThreatMetrix Cybercrime Defender Platform helps companies protect customer data and secure transactions against fraud, malware, data breaches, as well as man-in-the browser (MitB) and Trojan attacks. The Platform consists of advanced cybersecurity technologies, including TrustDefender ID, which is cloud-based, real-time device identification, malware protection with TrustDefender Cloud and TrustDefender Client, as well as TrustDefender Mobile for smartphone applications. The company serves a rapidly growing global customer base across a variety of industries, including financial services, e-commerce, payments, social networks, government, and healthcare.
For more information, visit threatmetrix.com or call 1-408-200-5755.
ThreatMetrix Identifies the Most Prominent Malware Trends and Predictions for 2012
No comments:
Post a Comment