Malware production has increased and web-based PDF attacks are on the rise, according to the Symantec Global Internet Threat Report for 2009. This important report “provides an annual overview and detailed analysis of Internet threat activity, malicious code, and known vulnerabilities. The report also discusses trends in phishing, spam and observed activities on underground economy servers,” according to the Symantec website. Here are a few highlights from the report:
PDF-targeted attacks are on the rise: Cyberattacks linked to PDF views accounted for half of all web-based accounts last year, a significant increase from 11 percent in 2008. If you’re interested in learning more, check out how a security researcher recently discovered how to booby-trap PDFs.
Social networks are receiving targeted attacks: In order to target certain businesses, cybercrooks are attacking the social networking profiles of employees at those companies. Additionally, these attacks are becoming more sophisticated; cybercriminals are using spear phishing ploys to target network and administrators because they oversee customer data.
Malware creation has increased: Thanks to automated tools, it’s easier than ever to create and distribute malware. Symantec identified more than 240 million new malicious software programs in 2009, a 100 percent increase from the previous year.
Cybercriminal activity is shifting to “emerging” countries: The report identifies several countries with emerging broadband infrastructures, including Brazil, India and Russia, as some of the top sources for cybercrime. For instance, Brazil, which ranked fifth in 2008 in terms of malicious activity, rose to the third spot in 2009. The South American nation currently accounts for six percent of all malicious activity worldwide.
New botnet activity: The total number of active infected bots per day in 2009 decreased by 38 percent from 2008. In addition, the number of distinct bot–infected computers was reduced by 28 percent. However, even though the number of bots declined, botnet activity did not; the number of bot command and control servers increased from over 15,000 in 2008 to over 17,000 last year.
To check out the full report (warning – it’s almost 100 pages!), click here.