Panda Security’s PandaLabs has released its 2010 annual security report, covering a range of issues including malware, cybercrime and social media exploitation. What were trends and how do they relate to the channel? Read on for some interesting details …
According to PandaLabs, in 2010, cybercriminals created and distributed one-third of all existing viruses, which allots to 34 percent of all malware that has ever existed and classified by PandaLabs. That’s a huge chunk of gunk, but despite the numbers, PandaLabs saw a light at the end of the tunnel: new threats are decreasing since 2009. That’s a shift from a constant trend of 100 percent increasing threats since 2003. According to PandaLabs, 2010 saw only a 50 percent increase.
That threat could be, in part, by non-malware and virus threats taking over. PandaLabs’ research claims that in 2010 hackers exploited social media in part through fake websites and acted quickly on zero-day exploits to do damage and steal user information. Facebook and Twitter were prime hunting grounds. What’s more, ‘cyberwar’ was seen as a rising trend, with the Iranian infection of Stuxnet infecting nuclear power plants, along with ‘cyberactivism,’ seen during DDoS attacks in support of WikiLeaks.
The data here would suggest that security risks that directly affect information, passwords and sensitive documents are more valuable means of threats rather than malware and viruses. Still, Banker Trojans were the most prevalent malware in 2010, followed by viruses and worms. ‘Rogueware,’ or fake antivirus software, is a growing trend, making up 11.6 percent of all the malware gathered in 2010, according to PandaLabs. (‘Rogueware’ was an ominous occurrence during my time as a help-desk tech. Many of these programs mask themselves as enterprise-level protection programs, even duplicating the Windows tray icon. To be safe, a full re-image was often required.)
Even with all the infections in the world, Thailand, China and Taiwan topped the charts with 60 percent to 70 percent of the world’s infected computers — an interesting dichotomy — along with the welcomed drop in the amount of spam — from 95 percent of all e-mail traffic in 2009 to 85 percent of all e-mail traffic in 2010.
You can check out the full report here, but I think you can easily sum up the threat landscape simply: More direct, more devious and more elaborate. Information is a commodity and cybercriminals have upgraded from vandalism to theft. Security VARs can take this information and use it to develop more sophisticated forms of security that exist beyond end-user protection and dive deeper into data-loss prevention.