Kaspersky Lab: Cyber Espionage, Android Malware dominated the 1st quarter of 2013


KL_Cyber espionage and Mobile Malware copy

How protected are you against cyber crimes? According to Kaspersky Lab, provider of digital and IT security, there was an increase in the number of alleged state-sponsored cyber-attacks that were recorded by the Kaspersky Security Network (KSN), the distributed system collecting real time threats.

Reports from Kaspersky Lab’s IT Threat Evolution Q1 2013 show that the first three months of the year were full of incidents, especially when it came to cyber espionage and cyber weapons.

Cyber espionage and cyber weapons

Kaspersky Lab reported that Red October, a global operation of cyber espionage, has been active for at least five years and has expanded a network of infected systems of over 60 domain names spread across several host servers, targeting various government offices, diplomatic offices, and companies worldwide.

Their persistent technique also expanded to stealing and infecting via USB and mobile devices.

Another major threat is the Advanced Persistent threat (APT1) that is allegedly composed of Chinese hackers.

In a report from Cyber-security Company Mandiant, Kaspersky Lab cited that APT1 has been operating since 2006 and has managed to steal huge amounts of data from around 141 organizations.

Denis Maslennikov, Kaspersky Lab Security Expert and author of the report, said that China has faced accusations of its involvement in cyber attacks against government agencies and organizations in countries around the world.

“There is nothing particularly surprising about the Chinese government’s firm rejection of the assertions made in the Mandiant report,” Maslennikov claimed.

Other incidents involve international attacks from TeamSpy, who has targeted advocates and politicians in Europe. Other cyber attacks from the perpetrators were reported to be against Tibetan and Uyghur activists with the use of platforms such as Mac, Windows, and Android.

Kaspersky Lab noted that these massive attacks couldn’t be executed without real support from hundreds of people and a developed modern infrastructure.

Mobile threats

As more people make use of technology such as smartphones, cyber crime culprits also cope up with this trend.

Kaspersky Lab reported that mobile threats have increased and that they have detected 99.9 percent of new mobile threat directed at the Android OS.

Over the first quarter of 2013, Kaspersky Lab has found 20,000 new modifications of popular mobile malware. This is nearly half of what KSN found in the whole of 2012.

SMS Trojans are still the most prevalent category of mobile threats accounting for 63.6 percent of all attacks.

63.6 percent of mobile threats account to SMS Trojans. Among the most dangerous programs under the category for Android are FakeInst, Plangton, Opfake, Agent, AveaSMS, Walien, Trackplus, Copycat, Fav, Penetho, SMSReg, FaceNiff. MTK Botnet and Perkel, allegedly affecting millions of Android devices.

“The number of apps for Android is constantly on the rise, and it is often a challenge to gain popularity with users—which is why these illegitimate tactics are becoming all the more common,” said Maslennikov.

Fight against mobile malware, cyber espionage

The report noted that at least 1.3 billion threats were detected and neutralized by Kaspersky Lab. The statistics on the attacks indicated that the US, with 25.1 percent, remains to be the most targeted country used to seed for malware. Tajikistan topped the country with the highest risk of infection from malware.

KSN accounted the countries considered as “safe zones” against malware infection were Japan, Denmark, Finland, Sweden, the Czech Republic, Switzerland Ireland, The Netherlands, New Zealand, and Norway.

Jimmy Fong, Channel Sales Director for Kaspersky Lab Southeast Asia, said that while the Philippines seems relatively safe from major mobile malware and cyber espionage, he warned that attacks against government institutions and corporations are possible.

He added that recent news reports of massive denial-of-service (DDOS) attacks against a number of government websites could be used as indicators of what could possibly happen.

“These attacks can be dangerous for any institution especially now that the Philippines is linked to other countries via broadband Internet connections. Security even in the virtual world is the responsibility of everyone and putting in place the best security solutions is paramount,” said Fong.

Via: Kaspersky