Technology

Malicious software online doubles in second quarter

BUSINESSES ENCOUNTERED a significantly higher amount of malicious software or malware online in the second quarter of the year…

ADAM MAGUIRE
Fri Aug 12 2011 - 01:00

BUSINESSES ENCOUNTERED a significantly higher amount of malicious software or malware online in the second quarter of the year, according to the latest threat report from technology company Cisco.

The amount of malicious code detected online more than doubled when compared to the first quarter of 2011, with over 287,000 unique instances recorded in total.

According to the report there was also an increase in the number of “brute force” attacks on servers, perhaps unsurprising given the number of high profile data breaches that have been reported internationally this year.

In its introduction to the report Cisco said the first half of 2011 “witnessed a seemingly non-stop array of data breaches directed at companies, and sometimes individuals, across many sectors.”

READ MORE

It added that the motivation behind these attacks was extremely diverse.

Some were undertaken by criminals for financial gain while those behind other attacks claimed to do so for ideological reasons. Many other attacks were done out of what appeared to be little more than a sense of mischief on the part of the attacker.

“In some of those cases, the attackers claimed the motive was to shed light on security issues . . . but in other cases of stolen and published customer data, attackers claimed to be doing it for the ‘lulz’.”

“Lulz” is a variant of the online shorthand for “laugh out loud” and is used to suggest something is done for amusement or mischief.

The report specifically highlights the risk to business coming from Advanced Persistent Threats, which show fewer symptoms than traditional malware and take a more gradual approach to network infringement.

APTs mean that low-level breaches can be slowly leveraged to attack higher targets, ultimately allowing important information to be compromised.

Gavin Reid, a manager at Cisco who contributed to the report, said that APTs are rarely detected passively and require a pro-active approach from businesses.

“If you have something of interest and you’re not seeing APT attacks in your organisation, it is probably not that they are not occurring or that you’re safe. It’s more likely that you may need to rethink your detection capabilities,” he said.

In other threat areas the report found that the amount of spam detected globally declined slightly in the second quarter, however overall there was little change during the first half of the year.

Business Today

Business Today

Get the latest business news and commentary from our expert business team in your inbox every weekday morning