
Dell reports 80 billion incidents of post infection malware activity in 2013

08 Mar 2014

The Dell SonicWALL Threat Research Team has released its annual threat report, revealing significant findings from calendar year 2013, focusing on trends in zero-day vulnerabilities and new cybercriminal tactics.

The annual report is based on data collected by the Dell SonicWALL Global Response Intelligent Defense (GRID) Network, a threat intelligence network with over one million sensors that monitors traffic for emerging threats around the globe.

“Our threat researchers are unearthing unprecedented growth and threat patterns as cybercriminals steadily enhance speed and effectiveness,” says Patrick Sweeney, executive director, product management, Dell Security Products.

“Even tried-and-true crimeware has evolved in the last year, becoming much more rigorous and sophisticated.

“These and other forms of threats are causing more financial and data theft to enterprises than ever before, prompting organizations of all sizes to take action against the next surge of threats with re-architected IT and processes.”

The findings in this report are based on the ongoing security research conducted by the Dell SonicWALL Threat Research Team.

Key findings for calendar year 2013 include:

- Post-infection malware activity:

At 78 billion hits globally, remotely accessed malware opens the door to risk that can cause significant damage before organisations are able to quarantine and remediate.

- There were 14 reported zero-day vulnerabilities in 2013:

Browser-based attacks lead the list with Java being the number one targeted application, followed closely by Internet Explorer, and Adobe Flash Player. Other notable zero-days targeted Adobe Reader and the Windows operating system.

- Increase in threats using SSL encryption:

Dell SonicWALL threat researchers witnessed a rise in bots relying on SSL-encrypted communication to Command and Control servers. This is designed to evade detection by disguising communication in an encrypted session.

- Death of BlackHole:

2013 also saw the end of the BlackHole exploit kit with the author’s arrest in October. As a result, the SonicWALL Threat Research Team expects 2014 to bring an increase of new exploit kits discovered in the wild.

- Advent of sophisticated Ransomware:

For the first time, in 2013, SonicWALL threat researchers saw cybercriminals begin to deploy more robust ransomware that leverages asymmetric-key encryption to encrypt critical data on infected machines.

They observed a new Cryptolocker Trojan that, unlike traditional Ransomware, leaves system access intact but encrypts various documents and executables found on the system.

Top IT security predictions for 2014 as a result of this data include:

- Hybrid malware on the rise:

Sophisticated malware that infects both mobile and desktop systems is expected to increase. Android will still be the leading platform for mobile devices and will continue to be the focus for many cybercriminal attacks.

- New targets on Windows:

Windows XP – one of the top 15 affected products in 2013 – will continue to see a surge of attacks as its support life cycle ends in 2014. Organizations that do not migrate to a newer version of Windows and continue to use Windows XP are especially vulnerable without Microsoft support and patching. Researchers also expect to see exploits targeting Windows 7/8 increase in 2014.

- Evolution of Bitcoin malware:

As bitcoin gains in popularity and value, cybercriminals have once again set their target on obtaining the digital currency through malicious activities.

In late 2013, SonicWALL researchers observed an increase in bitcoin-mining botnets, which were designed to hijack computing power to mine for bitcoins with zero hardware or energy expenses to the criminal operation. We expect this trend to continue well into 2014 as long as the value of bitcoin remains high.
