Symantec Corp's () Internet Security Threat Report, Volume 18 (I) today revealed an increase of 42 percent in 2012 in targeted attacks over the previous year. Designed to steal intellectual property, these cyber-espionage targeted attacks are increasingly affecting the manufacturing sector, as well as small businesses, which are the target of 31 per cent of these attacks. Small businesses are the same attractive targets and a way to finally reach larger companies via "" techniques. In addition, consumers remain vulnerable to ransomware and mobile threats, particularly on the Android platform.
"The ISTR this year shows that cybercriminals are not slowing down, and continue to invent new ways to steal information from organizations of all sizes," said chief technology officer, Symantec. "The sophistication of attacks coupled with the complexity of today's IT, such as virtualization, mobility and cloud, requires companies to remain active and use security measures' defense in depth'per keep up the attacks." Targeted attacks are growing most among firms with fewer than 250 employees. Small businesses are now the target of 31 percent of all attacks, a three-fold increase from 2011.
While small businesses can expect to be immune from targeted attacks, cybercriminals are enticed by the banking information of such organizations, customer data and intellectual property. Attackers are perfected in small businesses that often lack proper safety practices and infrastructure. The web-based attacks increased by 30 percent in 2012, many of whom came from compromised sites of small businesses. These sites were then used in massive cyber attacks and attacks "watering hole". In a watering hole attack, the attacker compromises a Web site, such as a small business website or blog, which is known to be frequented by the victim for interest. When the victim later visit compromised Web site, a targeted payload of attack is silently installed on your computer. Elderwood Gang pioneer of this class of attack, in 2012 infectedSuccessfully 500 organizations in a single day. In these scenarios, the attacker exploits the security of a strong business to circumvent potentially stronger security of another business. The manufacturing sector and knowledge workers become primary goals Switching from governments, the production moved to the top of the list of areas targeted attacks in 2012. Symantec believes that this is attributed to an increase in targeted attacks in the chain - cybercriminals find these contractors and subcontractors at risk of attacks and are often in possession of valuable intellectual property. Often going after manufacturing companies in the supply chain, the attackers access to sensitive information of a larger company. Moreover, managers are not the main targets of choice. In 2012, the most common targets victims of these types of attacks of all sectors have been (27 percent) with access to theintellectual property, as well as those of the sales (24 percent). Mobile malware and malicious Web sites to consumers and businesses at risk Last year, mobile malware has increased by 58 percent, and 32 percent of all mobile threats attempted to steal information, such as e-mail addresses and phone numbers. Surprisingly, these increases can not necessarily be attributed to an increase of 30 percent in the mobile vulnerabilities. While Apple's iOS has had the most documented vulnerabilities had been discovered only a threat during the same period. Android, on the other hand, had a lower number of vulnerabilities, but more threats than any other mobile operating system. The market share of Android, the open platform and methods of most distribution available to spread malicious applications, making it the go-to platform for attackers. In addition, 61 percent of malicious websites are actuallylegitimate sites that have been compromised and infected with malware. Business, technology and the webdi shopping sites were among the top five types of websites that host the infection. Symantec attributes this to the unpatched vulnerabilities on legitimate websites. In past years, these websites were often targeted for selling fake antivirus to unsuspecting consumers. However, ransomware, a method of particularly vicious attack, is emerging as the choice of malware due to its high profitability for the attackers. In this scenario, the attackers are using poisoned sites to infect unsuspecting users and block their machines, demanding a ransom to regain access. Another growing source of infections on websites is - this is when criminals buy advertising space on legitimate Web sites and using them to hide their attack code. More information is available at or by connecting withSymantec at:.