A new report confirms what has been a gut feeling in 2010 for cyber-security professionals: An increasing number of sophisticated cyber-attacks are occurring. These persistent threats are evolving and changing, perhaps too fast for traditional threat detection and remediation efforts to keep pace.

Hackers are employing new attack methods to circumvent or "hide" from the security protocol and technology used by many organizations, according to the Security Labs Report released by M86 Security Labs, which divulged details of the security threats detected from January through June 2010. M86 releases security reports every six months.

One emerging cyber-attack method, according to the report, is the "combined attack," which is more difficult to detect. Combined attacks split the code between the JavaScript language and the Adobe ActionScript language found in Adobe Flash. When the code is split, it's harder to detect.

"We're seeing that as one way the attackers are specifically trying to get around some of the security technologies in the marketplace," said Bradley Anstis, vice president of technology strategy at M86.

In the past, attackers accepted the fact that they weren't able to attack everyone effectively by launching bad code in one language, Anstis said, so they would go after the low-hanging fruit. But by splitting the code up, they can infiltrate systems they might not have been able to before.

"This is what's really got us worried because now they're going after some industry-leading products," Anstis said.

The report also listed the top 10 countries hosting malicious code, ranked by their proportion of the worldwide total. The U.S. was No. 1 by far at 43.3 percent. The second country was China with 14.1 percent, then Russia with 4.1 percent and Germany with 3.7 percent. Of the 10 countries named, the UK came in at the bottom with 2.0 percent.

"There's definitely a lot more in the U.S. than any other location. Most websites [are] hosted in the U.S., so that is understandable," Anstis said.

But the United States hosted more infected sites in the first half of 2010 than it did in the second half of 2009. In July through December of 2009, the country came in at 35.5 percent.

Spammers also are out in force, as spam represents 88 percent of all inbound e-mail to organizations. Spam promoting pharmaceuticals comprises 80 percent of all spam, and just five botnets are responsible for 75 percent of the spam output.

Thanks to spam affiliate programs, botnet operators make money from products sold through spam e-mails. M86 suggests that a way to limit spam might be to follow the money trail.

"What we're trying to highlight is, maybe we should try to interrupt the money flow here," Anstis said.

 

Hilton Collins  |  GT Staff Writer

By day, Hilton Collins is a staff writer for Government Technology and Emergency Management magazines who covers sustainability, cybersecurity and disaster management issues. By night, he’s a sci-fi/fantasy fanatic, and if he had to choose between comic books, movies, TV shows and novels, he’d have a brain aneurysm. He can be reached at hcollins@govtech.com and at @hiltoncollins on Twitter.