FORGET
pickpockets or thieves. The biggest threat to your smartphone now is
kidnappers cyber “kidnappers” that is, with their Ransomware.
As
the name suggests, ransomware is a malware (malicious software) that
will keep your phone or computer a prisoner until you pay a ransom. Only
when the specified amount of money is paid will you be able to “free”
your device and access data or information.
Although it is not
new ransomware is said to originate from Russia in 2005 and has been
attacking many computers worldwide since the
Symantec Corp
Internet Security Threat Report (ISTR) Volume 18 revealed that
ransomware is emerging as the malware of choice because of its high
profitability for attackers.
Luckily, says Symantec Malaysia's
senior technical consultant David Rajoo, to his knowledge, no cases have
been reported here yet.
“However, as the worldwide web has no
boundaries and with increasing broadband penetration and as more users
are accessing the Internet, Malaysia is certainly exposed to the
Ransomware threats,” he says.
Infected machines display messages which demand payment in order to restore functionality. - David Rajoo
Rajoo points out that awareness is key to combat ransomware threat.
As
the report highlights, attackers are using deceptive links and poisoned
websites to infect unsuspecting users with malicious software and lock
their machines.
“The attackers, many of them cybercriminal
organisations, then hold users' machines for ransom. Infected machines
display messages which demand payment in order to restore
functionality,” he tells.
Recent attacks have also displayed images that impersonate law enforcement.
Consumers on the Android platform are most vulnerable to ransomware and mobile threats, says the report.
Last
year, mobile malware increased by 58%, and 32% of all mobile threats
attempted to steal information, such as e-mail addresses and phone
numbers.
Although Android has fewer vulnerabilities, its threats
are higher than any other mobile operating system. Its open platform and
the multiple distribution methods available to distribute malicious
apps make it the go-to platform for attackers, adds the report.
With
malware growing sophisticated every day, Rajoo adds, a mix of
intelligence-based technologies can provide optimal security to stop new
and unknown malware.
To avoid getting infected, ensure the
device's software and anti-virus definitions are up to date, and avoid
suspicious sites, Rajoo advises.
“We also advise users to use
more than antivirus for protection. We recommend using advanced
reputation security which provides layered defence. Use more than just
Antivirus use a full functionality solution which includes heuristics,
reputation-based, behaviour-based and other technologies,” he says,
stressing that a key strategy is to fend off threats before they
infiltrate your computer system.
Symantec Malaysia's Systems Engineering
director Nigel Tan
agrees that stopping the threat at the gate is important as cyber
criminals continue to devise new ways to steal information from
organisations of all sizes.
Staying ahead of attacks
“The
sophistication of attacks coupled with today's information technology
complexities require organisations in Malaysia and globally to remain
proactive and use “defence in depth” security measures to stay ahead of
attacks,” he added.
According to the annual ISTR which analyses
the year in global threat activity, Malaysia was ranked 35th on its
global Internet security threat profile in 2012.
As it highlights, there was a 42% surge last year in targeted attacks globally compared with the prior year.
These
targeted cyberespionage attacks, designed to steal intellectual
property, are increasingly hitting the manufacturing sector as well as
small businesses, which are the target of 31% of these attacks.
Small
businesses are attractive targets themselves and a way in to ultimately
reach larger companies via “watering hole” techniques.
In a
watering hole attack scenario, attackers compromise a carefully selected
website by inserting an exploit resulting in malware infection. Through
the compromised website, the attackers will target victims who visit
the compromised site and take advantage of their software
vulnerabilities to drop malware that will allow them to access sensitive
data and take control of the vulnerable system.
As Symantec
alerts, 61% of malicious websites are actually legitimate websites that
have been compromised and infected with malicious code.
Business,
technology and shopping websites were among the top five types of
websites hosting infections. The shift of focus from government websites
indicates an increase in attacks targeting the supply chain
cybercriminals find these contractors and subcontractors susceptible to
attacks and they are often in possession of valuable intellectual
property.
The attack uses the security weaknesses in the supply
chain specifically the small businesses to gain access into larger and
more secured companies, adds Symantec.
Case in point is that those in sales became the most commonly targeted victims last year.
Another
growing source of infections on websites is malvertisements this is
when criminals buy advertising space on legitimate websites and use it
to hide their attack code.
Tan urges organisations to continue to
take proactive initiatives to secure and manage critical information
from a variety of security risks, especially targeted attacks in the
manufacturing and small business sectors, mobile malware, and phishing
threats.
By HARIATI AZIZAN sunday@thestar.com
