2013 was another year marked by many changes – for good and bad – in the threat landscape. Some threats waned, others grew significantly, while completely new threats emerged and made life difficult for users. What remained constant, however, were the threats against the safety of digital information. In this entry, we present some of these threats that were seen last year. These are described in more detail in our roundup titled Cashing In On Digital Information
Cybercrime: Banking Malware, CryptoLocker Grow; Blackhole Exploit Kit Tumbles
Some malware types linked to cybercrime grew significantly in 2013. We saw almost a million new banking malware variants, which was double what we saw in 2012. Much of this growth occurred in the latter half of the year:
Figure 1. Volume of new banking malware
Two countries – the United States and Brazil – accounted for half of all banking malware victims:
Figure 2. Countries most affected by banking malware
We saw ransomware become far more potent in the latter part of the year as CryptoLocker emerged as a new threat that hit users hard. This new threat – an evolution of previous ransomware attacks – encrypted the data of users, requiring a one-time payment of approximately $300 (payable in cryptocurrencies like Bitcoin) before their data would be decrypted. In some ways, CryptoLocker became as serious a problem for end users as fake antivirus malware had in previous years.
The fall of the Blackhole Exploit Kit in 2013 due to the arrest of its creator, Paunch, was a significant event that appreciably changed the threat landscape. It significantly cut the use of malicious links in spam messages by attackers. While other exploit kits have emerged into the threat landscape since then, no other kit has achieved BHEK’s levels of prominence.
Targeted Attacks and Data Breaches: Still In Operation
Despite reduced media attention, targeted attacks continued to hit organizations across the world last year. We observed attacks in many parts of the world, with countries in Asia at particular risk from these coordinated targeted attacks. Well-organized campaigns like EvilGrab and Safe highlighted the capabilities and sophistication of modern targeted attacks.
Figure 3. Countries affected by targeted attacks
Data breaches also continued to plague organizations. Companies like Adobe, Evernote, and LivingSocial were all hit by various breaches that exposed the customer data of millions of users. Breaches like these not only cause a loss of face for the affected organizations, but may also put them at legal risk for failing to protect the data of their users.
Mobile Threats: Mobile Banking Under Fire
Mobile threats continued to flourish last year, with an estimated one million malicious and high-risk apps found in the year alone. Significantly, we saw increasing use of mobile banking threats like the PERKEL and FAKEBANK families, both of which put users of mobile banking apps and websites at the same risk of fraud and financial loss that other users face. Information stealers like banking malware are now the third most common type of malicious/high-risk app found, behind traditional standbys like premium service abusers and adware:
Figure 4. Types of mobile malware threats
Digital Life: Privacy at Risk
Revelations about government spying made many question if online privacy was still alive, or even possible. Previously, users had always worried that cybercriminals could get their hands on one’s personal information; now they worry about large, previously trusted organizations – both government and private – doing the same thing.
Attacks delivered via social media (combined with social engineering) have now become the norm, with newer social networks like Instagram, Pinterest, and Tumblr suffering from their own scams as well. Indeed, attacks on all social media platforms have become so common, it may almost be considered “business as usual.”
For a more comprehensive analysis of these threats, check our 2013 roundup titled Cashing In On Digital Information.