Cyber Security Institute


Monday, August 12, 2013

IT security spend keeps rising: Is there ROI?

The latest data from Canalys shows that the IT security spending market will reach $30.1 billion in 2017 and grow at a 7 percent compound annual growth rate from now until then. In other words, security spending will be twice the global IT spending growth rate based on the 3 percent or so most research firms expect going forward. For instance, Gartner expects global IT spending to be up a mere 2 percent in 2013 relative to 2012 due to a strong U.S. dollar and up 3.5 percent in constant currency.


Friday, August 02, 2013

CISO spending priorities revealed

According to a GDS International survey of more than 100 leading European information security professionals, investment priorities are changing. Spending to support business growth is at an all-time high (22% of 2013 budgets, up 5% on 2012 figures). Investments to maintain and run existing systems and processes are still the lion’s share, and have grown by 6% since 2011 (41% of 2013 budgets, up from 35% in 2011).



Monday, July 15, 2013

Business users visit most malicious websites, security academics find

Business users account for 57 per cent of malicious attacks while one in eight Australian IP addresses is hit by one or more Web attacks on any typical day, according to a Deakin and Macquarie University analysis of more than 200 million Web requests from Australian Internet users. The report – entitled Analysis of the Australian Web Threat Landscape and conducted by Deakin and Macquarie academics with the support of security vendor Trend Micro – reflects research that began earlier this year and has since used data analysis on a wealth of data provided on an opt-in basis by users of Trend Micro’s cloud-based security filtering services. The Australian Research Council-funded research is based on data collected during the first two weeks of May, during which devices representing 600,000 distinct IP addresses visited HTTP/HTTPS sites every day. Of 200 million requests analysed during the time, just 400,000 – from around 80,000 distinct IPs – were issued for access to malicious Web pages.


Thursday, July 11, 2013

Study: Network Reconnaissance On Rise Posing Computer Threat

In a study just released, Nuspire Networks contends network reconnaissance is on the rise, growing more pervasive and potentially more damaging than the threat of computer viruses. The study finds that port scanning incidents at remote locations and branch office environments have risen nearly 40 percent from one month to the next. When a weakness is identified, it can be exploited, leading to sensitive information falling into the hands of those intent on using it for criminal activity, the company said in a press release.


Thursday, July 04, 2013

DDoS attacks on sale for $2 an hour

Cybercriminals can now purchase DDoS attacks for $2 (£1.32) an hour from a rampant online marketplace of tools and services. That is according to a new white paper analysing the growth of the “as-a-service” nature of cybercrime penned by two senior technical bods at security vendor McAfee. “As a result, the volume of cyberattacks is likely to increase,” said report authors Raj Samani, vice president and chief technology officer EMEA, and Francois Paget, senior threat research engineer at McAfee. The study highlighted a service offering to launch a DDoS attack on behalf of would-be attackers from as little as $2 per hour, for a one- to four-hour attack.



Tuesday, July 02, 2013

AppRiver Releases Mid-Year Global Threatscape Report

AppRiver, LLC, a leading provider of email messaging and web security solutions, today released its mid-year Global Threatscape Report, a detailed analysis of web and email-borne threats and malware trends traced between January and June 2013. Once again, the United States was the leading country of origin for spam email messages, but to the surprise of many, servers in the former Soviet republic of Belarus logged the second-highest total from January through June.



Monday, June 24, 2013

Cyber-retaliation: How security is becoming a priority for the Middle East

Although Arabic music in the UAE is popular, with so many expats living in the country Abu Dhabi and Dubai have become mainstay slots in bands’ international tours, with artists such as the Stone Roses, Metallica, Bruno Mars, Guns n’ Roses and Kanye West having played here so far this year. In April, the analyst group IDC reported that in the Middle East, a lack of adherence to IT security policies by employees was the number one challenge faced by IT professionals, followed by the threat of increasingly sophisticated attacks. The analysts said that with the combined growth of mobile devices used in the workplace that require securing, the increasing sophistication of threats and the (albeit slow when compared to Europe and the US) growth of cloud services, organisations in the region are beginning to change their security strategy, turning to managed security services. The amount of money spent on IT security is growing at 15 percent a year, IDC said, and in some cases, companies are spending big to protect their networks.



Saturday, June 22, 2013

Phishing attacks up 87 per cent: Report

Phishing attacks, the most common form of cyber crime, are on the rise, both in India and globally. According to a recent report by Russian cyber security firm Kaspersky Lab, 37.3 million users around the world were subjected to phishing attacks in 2012-13, up 87 per cent from a year ago. Roughly 10 per cent - 3.7 million annually or around 10,000 per day - of these attacks were targeted at India, which is the third biggest victim after Russia and the US. Kaspersky found that 87.9 per cent of attacks were launched when users were surfing the web, with the services of Yahoo, Facebook, Google and Amazon being targeted the most through fake copies of these websites.


Friday, June 21, 2013

Botnets now target enterprise apps

According to Jan Poczobutt, vice president of sales at Barracuda Networks, botnets traditionally only picked on a few computers, were initiated through a command-and-control (C&C) server and were used for spamming during distributed denial of service (DDoS) attacks. Enterprises could simply filter botnets by adding them to the spam list, but today attackers have changed the way they use botnets, Poczobutt noted, speaking to ZDNet Asia in a phone interview on Friday. For example, botnets are able to go into the applications and, through a series of apps looking like user requests, they can bring down entire applications, he explained.



Sunday, June 16, 2013


The Open Web Application Security Project (OWASP) has published the top 10 most dangerous vulnerabilities in web applications for 2013. This release aims to raise awareness about application security by identifying some of the most critical risks facing organizations. Injection flaws, such as SQL, OS, and LDAP injection, remain the top security vulnerability for web applications. This widely exploited class of bug allows an attacker’s hostile data to trick the interpreter into executing unintended commands or accessing data without proper authorization.


Wednesday, June 12, 2013

Gartner Says by 2019, 90 Percent of Organizations Will Have Personal Data on IT Systems They Don’t O

Gartner predicts that by 2019, 90 percent of organizations will have personal data on IT systems that they don’t own or control. “And yet, in most scenarios the organization is still ultimately accountable for the personal data on its IT systems,” said Carsten Casper, research vice president at Gartner.


Sunday, June 09, 2013

Survey shows 79% of businesses experienced a mobile security incident in past year

The new report, The Impact of Mobile Devices on Information Security, shows that 67% of firms allow personal mobile devices to connect to their networks. 88% of devices were used for corporate email, 53% had customer data stored on them, 49% had corporate data in business apps, and 48% had network logins stored. Despite this, 63% of organisations said they do not attempt to manage corporate information on employee-owned devices, and just 23% use mobile management tools or a secure container on the device. 66% of respondents said they felt that careless employees posed a greater risk than cybercriminals. Surge in personal mobile devices connecting to the corporate network: 96% of respondents say the number of personal devices connecting to their corporate networks is growing, and 45% have more than five times as many personal mobile devices as they had two years ago.



Monday, June 03, 2013

Targeted attacks on the rise

There has been a significant spike in instances of the Koobface social networking worm and a dramatic increase in spam, according to the McAfee Threats Report: First Quarter 2013. McAfee Labs has also found continued increases in the number and complexity of targeted threats, including information-gathering Trojans and threats targeting systems’ master boot records (MBRs). In the company’s latest study, it found almost three times as many samples of Koobface as were seen in the previous quarter, which is a high point for the social networking worm that targets Facebook, Twitter and other social networking service users. But the increase in the number and sophistication of targeted advanced persistent threats (APTs) represented the most notable evolution in the threat landscape, as information becomes as valuable as money on the cybercrime landscape. The report found a 30 percent increase in MBR-related malware and new instances of password-stealing Trojans being repurposed to capture information on individuals and organisations beyond the financial services industry.


Tuesday, May 28, 2013

91% of targeted attacks start with spear-phishing email

These emails are part of the operations of an emerging and active targeted threat called Safe campaign, the operations of which are documented in the research paper by Trend Micro. These spear-phishing emails contain a malicious attachment and encourage a recipient to open a harmful attachment by attracting him with contextually relevant content. From a threat perspective, Trend Micro has identified five key target organisations including government ministries, technology companies, media outlets, academic research institutions and non-governmental agencies.



Saturday, May 25, 2013

Hottest job on market: Cybersecurity professionals

“We’re the largest provider of cybersecurity solutions to the federal government, so we know that we’ve got to help build that talent pipeline,” said Diane Miller, Northrop’s program director for the CyberPatriot contest, on the sidelines of the March event.


Friday, May 24, 2013

Fight against Cyber Crime is On the Right Track

Panda Security’s anti-malware laboratory has published its Quarterly Report for Q1, analyzing the IT security events and incidents from January through March 2013. Despite the numerous security incidents that took place during the first quarter of the year, the fight against cyber crime is on the right track, and though there is still a long way to go, international co-operation among security agencies is beginning to pay off and criminals around the world are being brought to justice.



Thursday, May 23, 2013

Malware fight goes public on the web

That’s according to the Australian Communications and Media Authority, which has released a web page of statistics it sends to internet service providers (ISPs) about the infections. The authority released the data in the hope it would help reduce malicious software, or malware, infections in Australia and raise awareness about how many devices are known to be infected. The web page, published on Tuesday as part of National Cyber Security Awareness Week, contains detailed statistics of malware infections reported daily to about 130 ISPs and other network operators through the Australian Internet Security Initiative (AISI).


Tuesday, May 21, 2013

Cyber crime ‘costs small companies £800m a year’

The Federation of Small Businesses (FSB) said issues such as hacking, data security breaches and computer viruses were a “barrier to growth” that could no longer be ignored. An FSB report found that cyber crime is costing its 200,000 members a combined £785m a year – or £3,750 for every small business. Over the past year, 41pc of the group’s members have been a victim of cyber crime, often through frauds carried out by a customer or client, or so-called “card not present” situations (when purchases are made online, over the phone or by mail order).


Friday, May 17, 2013

In a sea of malware, viruses make a small comeback

The term virus is frequently used as a catch-all for malicious software, but actually describes a very specific type of program that infects files and replicates, noticeably impairing a computer. But Microsoft has noticed that viruses—which have been present on around 5 percent of the computers the company regularly polls—have increased in prevalence in some regions, wrote Tim Rains, director of the company’s Trustworthy Computing section. In the fourth quarter of last year, viruses were present on about 7.8 percent of computers scanned by the company, he wrote. In some locations, such as Pakistan, Indonesia, Ethiopia, Bangladesh, Somalia, Egypt and Afghanistan, the percentage of computers with viruses ranged from 35 to 44 percent, he wrote.


Tuesday, May 14, 2013

DDoS Attack Bandwidth Jumps 718%

“When you have average—not peak—rates in excess of 45 Gbps and 30 million packets per second, even the largest enterprises, carriers and, quite frankly, most mitigation providers, are going to face significant challenges.” In the first three months of 2013, 77% of DDoS attacks targeted bandwidth capacity and routing infrastructure, while 23% were application-level attacks that didn’t overwhelm targeted networks through packet quantity, but rather by disrupting critical applications or processes running on a server. The report also found that between the fourth quarter of 2012 and the first quarter of 2013, the total number of attacks increased marginally—by only 2%—while attack duration increased by 7%, from 32.2 hours to 34.5 hours. While 55% of all attacks came from China at the end of last year, by March 2013 that had dropped to 41%, followed by the United States (22%), Germany (11%), Iran (6%) and India (5%).


Thursday, May 09, 2013

Hackers sell out and go corporate as cyber crime becomes shift work

Online hackers are leaving surprising clues for cyber sleuths based on the time of their attacks — a trail suggesting the computer criminals are punching a clock for shift work. Chinese hackers, for instance, are on a Monday-Friday, 9 a.m. to 5 p.m. schedule, Beijing time, indicating they are likely paid employees based in that time zone. For instance, activities of the Syrian Electronic Army, a hacker group linked to the regime in Damascus, start with a bang on Sunday, the beginning of the work week in Syria. The al-Qasam Cyber Fighters, a group believed to be sponsored by Iran, shows the most activity Monday-Wednesday, when banking business in the West is at its peak, but is also active Saturday and Sunday.


Tuesday, May 07, 2013

AutoIt scripting increasingly used by malware developers

AutoIt, a scripting language for automating Windows interface interactions, is increasingly being used by malware developers thanks to its flexibility and low learning curve, according to security researchers from Trend Micro and Bitdefender.



Cybercrime booming in Latin America and Caribbean, Trend Micro finds

Internet criminals have opened a new front in Latin America and the Caribbean and seem to have founded booming businesses thanks to low levels of cybercrime protection and awareness, a rare but timely analysis of the region by Trend Micro has found. After gathering data from 20 out of 32 Organization of American States (OAS) members and its own honeypots, Trend concludes that cybercrime is on the rise, not a surprise perhaps given that this is a global phenomenon, but worth paying attention to for any firm doing business in these countries. Overall, incidents increased in OAS countries by between eight and forty percent in every category of threat in 2011-2012, with hacktivism, attacks on online banks, and infrastructure probes particular standouts.



Wednesday, May 01, 2013

Cyber-Responders Seek New Ways to Respond to Cyberattacks

Last year the South Carolina Department of Revenue found that a hacker had used a “spear-phishing” attack to install at least 33 unique pieces of malicious software and utilities on the department’s servers to steal financial data. In another headline-grabbing security breach a year ago, hackers from Eastern Europe stole the Social Security numbers of as many as 280,000 people from Utah Department of Health databases, an incident that quickly forced state CIO Steve Fletcher’s resignation. The Alexandria, Va.-based company is one of a new generation of network threat detection and response companies that have sprung up over the last few years to complement traditional anti-virus and data loss prevention approaches that — although still necessary — are inadequate to cope with new types of targeted attacks. Indeed, a post-breach investigation of Chinese hackers’ cyberattack last year on The New York Times’ computer systems uncovered that anti-virus software found only one of the 45 different pieces of malware planted on The Times’ systems during a three-month period.


Sunday, April 21, 2013

Cybercrime dominates federal caseload, Hickton says

When Attorney David Hickton was installed as the top law enforcement official for western Pennsylvania, his reorganization of the criminal division included a new national security cyber group in addition to the traditional offices that prosecute white collar crime, violent crime and civil rights offenses. Robert Erdely, a retired state police trooper now serving as a detective in the Indiana County Court House, has an international reputation as a computer crime investigations expert, and often brings cases that end up in federal courts, Hickton said. “What takes a case federal is if our extra jurisdictional reach is helpful, or the tools we have on the federal side might be helpful, but frequently we have sentences that are more severe,” Hickton said. “So in violent crime, we have the armed career criminal sentences and some of the mandatory minimums for someone who, for a similar act (prosecuted under state laws), might get a low sentence or get probation” in a state or county court.


Wednesday, April 17, 2013

Microsoft Says Worm Infections Declining, but Web Attacks Rising

Companies are rooting out Conficker and Autorun worms from their networks, but attacks through the Web are still causing problems, according to Microsoft’s latest report. In the last half of 2012, the average number of infections by the two major wormlike programs, Conficker and Autorun, declined by more than a third compared with the total in 2011, the company said. While companies are slowly tackling the threat of worms, Web-based attacks—especially those that redirect a victim’s browser to a site hosting malicious code—have taken off, accounting for seven of the 10 top threats encountered by corporate users, the report stated.


Symantec: Industrial espionage on the rise, SMBs a target

Targeted cyberattacks based on IP theft are being conducted against both the manufacturing industry and smaller businesses, which are likely to have less income to invest in shoring up their defenses against attack. Symantec says that SMBs—with fewer than 250 employees—now account for 31 percent of targeted attacks, and are often seen as a means to gain access to larger firms through “watering hole” techniques. The number of targeted attacks has increased to an average of 116 per day, made popular by the Elderwood Gang which was able to infect 500 firms in 24 hours. An interesting point highlighted within the report is that 61 percent of malicious websites are actually legitimate, targeted by hackers who exploit vulnerabilities and create diversions or channels for malware to be installed on a victim’s PC. Business, technology and ecommerce websites are most likely to be affected due to unpatched website vulnerabilities, and once malware has been downloaded, ransomware is a popular choice for hackers to get their money’s worth—especially when they buy legitimate advertising space to hide their code.


Monday, April 15, 2013

Cloud-based security services still in high demand

“This shift in buying behavior from the more traditional on-premises equipment toward cloud-based delivery models offers good opportunities for technology and service providers with cloud delivery capabilities, but those without such capabilities need to act quickly to adapt to this competitive threat.” ... Gartner is advising value-added resellers (VARs) to supplement product implementations with cloud-based alternatives that offer large customers reduced operational cost and thereby increase the likelihood of customer retention in this market segment.


Sunday, April 07, 2013

Mobile users in Middle East victims of cyber crime: Study

The study by Norton anti-virus producer Symantec showed that nearly nine out of 10 online adults (87 percent) in the MENA are mobile device users, of which a large majority (78 percent) use them to access the internet. In the event of theft or loss, a treasure trove of personal information stored on the device can potentially be accessed including personal emails, a possible gateway to other sensitive information such as work correspondence and documents (54 percent), passwords for other online accounts (20 percent), and bank statements (33 percent).


Friday, April 05, 2013

Malware attacks occur every three minutes

Malware activity has become so pervasive that organizations experience a malicious email file attachment or Web link as well as malware communication that evades legacy defenses up to once every three minutes, according to FireEye. “The high rate at which cyber attacks are happening illustrates the allure of malware,” said Zheng Bu, senior director of research. “Today, malware writers spend enormous effort on developing evasion techniques that bypass legacy security systems.” Across industries, the rate of malware activity varies, with technology companies experiencing the highest volume with up to one event per second.