
IT threat quarter

by Mark Rowe

In its latest report, an IT security company has analysed the development of IT threats in the first quarter of 2013. The first three months of the year turned out to be full of incident, especially when it came to cyberespionage and cyberweapons, according to Kaspersky Lab.

At the very beginning of the year, the IT firm published a report with the results of a study into a five-year global cyberespionage operation. The operation was dubbed Red October. These attacks targeted various government agencies, diplomatic organisations and companies around the world. In addition to workstations, Red October was also capable of stealing data from mobile devices, gathering data from network equipment, collecting files from USB drives, stealing email databases from local Outlook archives or from remote POP/IMAP servers and extracting files from local FTP servers on the Internet.

In February a new malicious program, dubbed MiniDuke, appeared on the scene. It penetrated systems using a zero-day vulnerability in Adobe Reader (CVE-2013-0640). An investigation into incidents involving this piece of malware was conducted by Kaspersky experts in conjunction with the Hungarian company CrySys Lab. MiniDuke’s victims turned out to be government agencies located in Ukraine, Belgium, Portugal, Romania, the Czech Republic and Ireland, as well as a research organisation in Hungary, a research institute, two scientific research centres and a medical facility in the US. In total, Kaspersky detected 59 victims in 23 countries.

February also saw the publication of an extensive PDF report by Mandiant on a series of attacks launched by a group of Chinese hackers going by the name of APT1. Mandiant states that APT1 appears to be a division of the Chinese army. This is not the first time Beijing has been accused of complicity in cyberattacks against government agencies and organisations in other countries, and there is nothing particularly surprising about the Chinese government’s firm rejection of the claims made in the Mandiant report. Later, in late February, Symantec published a study on a newly identified “old” version of Stuxnet — Stuxnet 0.5. It turned out to be the earliest known modification of the worm, and was active between 2007 and 2009. Experts have repeatedly stated that there were (or still are) earlier versions of the notorious worm, but this represents the first hard evidence.

Dennis Maslennikov, Senior Malware Analyst at Kaspersky Lab, said:
“The first quarter of 2013 brought a huge number of major incidents related to cyberespionage and cyberweapons. Incidents that require months of relentless investigation are relatively rare in the antivirus industry. Even rarer are events that remain relevant three years after they take place — like the detection of Stuxnet, for example.

“Although this worm has been studied by numerous antivirus vendors, there are still lots of modules that have only been examined briefly, if at all. The study of Stuxnet version 0.5 has provided more information about this malicious program in general. It’s likely that we’ll find even more information in the future. The same can be said about the other cyberweapons detected after Stuxnet, as well as malware used in cyberespionage — there’s a lot we still don’t know.”

The first quarter of 2013 also saw more targeted attacks against Tibetan and Uyghur activists. The attackers appeared to be using everything at their disposal to achieve their goals, and users of Mac OS X, Windows, and Android were subjected to attacks.

In 2011, we witnessed mass hacks of several companies and some major leakage of users’ data. It might seem like these attacks came to nothing — but not so! Cybercriminals remain as interested as ever in hacking large companies and getting their hands on confidential data, including user information. In the first quarter of 2013 victims included Apple, Facebook, Twitter, and Evernote, among others.

The mobile threat front was also full of incident in Q1 2013. January may have been a quiet month for mobile virus writers, but over the next two months Kaspersky Lab detected in excess of 20,000 new mobile malware modifications, which is equivalent to roughly half of all the malware samples detected over the whole of 2012.

There were also minor changes to the threat geography. This time around, Russia (19 per cent, -6 percentage points) and the US (25 per cent, +3 percentage points) once again switched places in the ratings in terms of malicious hosting services — the US returned to first place. The percentages of other countries were more or less unchanged from Q4 2012. The rating of the most prevalent vulnerabilities saw no significant shifts. Java vulnerabilities are still on top, detected on 45.26 per cent of all computers. On average, Kaspersky experts counted eight different breaches on every vulnerable machine.

You can read the full version of the report on the evolution of IT threats in Q1 2013 at securelist.com.
