Quick Heal Technologies Pvt. Ltd. has released the findings from its Annual Windows Malware report, showing that the PC is still the prevalent target for malware authors today. The report was created by the Research and Development center of Quick Heal Technologies – one of the oldest R&D centers in India.
“Windows is still the most attacked Operating System. 2012 saw numerous attacks that were devised for Windows vulnerabilities. Cybercriminals have leveraged zero-day exploits even more effectively with new software patterns and business models. The web is still the most conventional way of targeting victims. It is pivotal that our efforts are driven to educate, inform and create awareness among the end users because as people embrace newer platforms and devices there are more and more who end up at the wrong end of attacks,” said Sanjay Katkar, Technical Director and CTO, Quick Heal Technologies.
Quick Heal’s 2012 Windows Threats Report highlights the following:
- The Windows operating system, because of its popularity and widespread use, is still a highly targeted platform.
- Irrespective of the platform, social engineering still remains one of the most popular ways of spreading malware. Cybercriminals continue to use attacks such as fake antivirus and ransomware.
- The major carrier of threats has been the Internet, typically through the distribution of malware using social engineering or browser-targeted efforts. Cybercriminals flocked to social networking sites like Facebook and even mature platforms like Twitter to create attacks based on user concerns such as Facebook policy and timeline changes. Phishing emails also continue to be one of the main vectors for spreading malware infection.
- The Quick Heal database also reported a staggering 170 percent increase in Windows malware modifications or variations in 2012.
- The Research and Development center of Quick Heal Technologies receives an average of 164,383 malware samples per day.
Other key findings in the India Windows Malware scenario include:
- Reported growth of 90 percent in Windows malware in 2012 as compared to 2011.
- Malware attacks are more sophisticated and often combine exceptional technical dexterity.
- The attacks are financially motivated and targeted at newer victims who end up on the wrong side of payment extractions.
- Trojans and backdoors comprised the vast majority of malware at 68 percent and 13 percent respectively. While viruses and worms comprised 14 percent of samples received, adware took up 5 percent.
The malware modification samples saw an astounding jump of 170 percent in 2012. This implies that cybercriminals focus on a weak spot, develop a technique that exploits it, use it until it becomes ineffective, and then move on to newer exploits. New vulnerabilities affected Java browser plugins in all leading browsers. Socially engineered emails and poisoned web pages were disguised in the form of fake-antivirus software that froze PCs and asked for money to register and remove the virus threat.
There is a growing trend of malware infection associated with insecure supply chains: the websites and other channels that facilitate the informal distribution of software and media files, both legally and illegally. Attackers have also taken advantage of illegal distribution of media files to spread malware.
Malware authors still find the Windows platform to be more profitable to exploit. Polymorphic attacks are now evolving into web-distributed malware, often hosted on servers that cybercriminals use to create dynamic malware.
The report essentially highlights the urgency of protecting data everywhere and taking up more proactive approaches to vulnerabilities, applications, websites and spam.
Future Of Malware
The findings of Quick Heal’s Windows Malware report show an unabated growth in malicious and privacy-compromising vulnerabilities that are rapidly evolving and require a more integrated approach towards stopping the breaches.
Cybercriminals are taking the malware quest to an entirely new level where the business models are highly developed. After thorough research and development, malware authors employ testing and marketing, and even incorporate multiple language translations to achieve a wider geographical reach.
Even though the Internet remains the most prominent way of propagating malware, there is an increasing need to defend against supply chain threats by detecting malware on removable devices such as USB flash drives, phone memory cards and external hard drives, and even on counterfeit networking hardware. Malware can be built into a computer system at the manufacturing stage itself. It can be pre-designed into microchips for various items such as sensors, routers and switches.
Virtualisation is all set to become the next big thing. The growing trove of data and information concentrated in these cloud storage services will attract hordes of cybercriminals. Here, hybrid methods of authentication and recovery will be of primary concern. This will not be restricted to the data alone but has to be extended to the protection of the cloud infrastructure, which, if exploited, can be used to create botnets. This calls for dynamic solutions for cloud security.
Attacks are no longer restricted to one particular platform, highlighting the necessity of complete security that protects users everywhere and on whatever device they are using. Enhancement of safeguard technologies like browser sandboxing and machine learning technology (which already comes integrated in the Quick Heal 2013 version) is also essential.
Cyber security threats are becoming increasingly sophisticated with targeted attacks and cyber espionage, hacktivism, and forms of cyber war. The risks posed by cybercrime to the public and private sectors’ intellectual property, combined with the increasing threats to crucial infrastructure, require combined efforts by global agencies and lawmakers.
- Awareness is crucial. Risky behavior by users still remains a major concern for security breaches. Efforts must focus on educating and empowering end users. This also includes improved laws, collaboration, training, and crucial security investments.