I’m personally overwhelmed with the pace of business today – the volume of data that crosses my desktop, my laptop and my smart phone is inconceivable. And, as the pace of business continues to escalate, so does the pace of online security threats. The most recent data released from McAfee Labs proves that advanced threats are not slowing down and, in fact, are threats too damaging to forget.
The McAfee Threats Report: First Quarter 2013 uncovered a dramatic increase in spam, reported a rise in malicious URLs, and disclosed continued increases in the number and complexity of targeted threats. From a network security perspective, which is my area of expertise, these trends are critical to the development of our current and future defenses and should always be on our minds.
1. Who can forget spam?
In the last year, the CIOs and CSOs I speak to haven’t asked very many questions about managing spam. But, that doesn’t mean we’re not focusing on messaging threats – which provide an easy open door to some very destructive malware. Interestingly, this quarter’s report shows an increase in spam after a long decline. In 2012, spam levels were stable despite some small upticks in July and October. This quarter, McAfee Labs witnessed a big increase in spam volumes – bringing us back to the high volumes we were dealing with in May 2011. The team uncovered that the most prevalent spam tempted recipients with drugs and delivery service notifications. With greater spam comes greater risk since these types of emails carry infections through botnets. One innocent click and the malware is released.
2. Remember when botnets were the problem?
An analysis of web threats found that the number of new suspicious URLs increased by 12 percent as cybercriminals continued their movement away from botnets as the primary distribution mechanism for malware. Most of the identified URLs host malware, exploits or code designed specifically to compromise computers. Malicious websites launching “drive-by downloads” have the notable advantage of being more nimble and less susceptible to law enforcement takedowns. This continued upward trend confirms that a multi-layered defense must be implemented across the entire business network.
3. Targeted threats will be unforgettable
While spam experienced a resurrection and suspicious URLs continue to grow, McAfee Labs discovered significant growth in the relatively new technique of “storage stack” attacks – also known as master boot record (MBR) attacks. With MBR attacks, the goal is to infect a machine’s storage system and from there take control of the entire device. By compromising the MBR, attackers gain broad control, persistence, and deep penetration. These attacks, including Mebroot, Tidserv, Cidox, and Shamoon, have rapidly increased in number and have set a new record high for two quarters running – increasing more than 30 percent in Q1.
These three threats uncovered in the McAfee Threats Report: First Quarter 2013 are really just the tip of the network security risk iceberg. These trends do, however, make it clear that businesses must protect their infrastructure using a layered approach that stops web-borne, email, and network threats before they enter the enterprise. We must never forget the threats from the past or overlook the newest ones on the rise. We should continue to build our advanced network defenses to address them all – even the ones we may not know about yet.