Malicious Attacks Ballooned Last Year, Targeting Lower-Level Employees And Mobile Devices

Malicious attacks ballooned last year, with the number of malware variants growing while spam rates dropped, according to a new report (PDF) by digital security company Symantic.

At the root of the 81 percent rise in attacks were polymorphic malware attacks and email-based social engineering, though targeted assaults including politically motivated hacktivist exploits dominated media coverage. And hackers are diversifying, targeting a broader array of employees at differently-sized companies, and on a wider variety of platforms.

“In 2011 cybercriminals greatly expanded their reach, with nearly 20% of targeted attacks now directed at companies with fewer than 250 employees,” said Symantec’s chief technology officer Stephen Trilling, in a press release. “We’ve also seen a large increase in attacks on mobile devices, making these devices a viable platform for attackers to leverage in targeting sensitive data. Organizations of all sizes need to be vigilant about protecting their information.”

In addition to high-level security breaches, the company reports an increase in the number of attacks on lower-level and specialized employees who are not accustomed to taking security precautions, noting sales, human resources, and public relations departments as fresh targets.

“It is also interesting to note that these roles are highly public and also likely to receive a lot of attachments from outside sources,” reads the report. “For example, an HR or recruiter staff member would regular receive and open CVs and other attachments from strangers. ”

Researchers predict that a large user base and profit motive will drive further increases in the number of malicious attacks on smartphones, which can steal credit card info or charge users for premium text messages. And that trend could become costly to the business world, as mobile devices frequently contain both personal and business data, and are more easily misplaced or stolen than desktop or laptop computers.

At the same time, the number of spam messages fell last year, from a staggering 88.5 percent of total email messages to a still-troubling 75.1 percent.

Symantec, which develops computer security and anti-virus software, was embarrassed earlier this year when a hacker accessed the company’s network and procured proprietary source code, some of which has now been released.

Image: Don Hankins, CC-BY
Jon Christian: Jon Christian is a Boston-based reporter and blogger, particularly interested in the intersection of technology, civil rights and culture. At Tech.li, his beat encompasses Google, cloud and ultra-portable computing, haptic/cyberpunk/brain-in-a-tank news, and other cool stuff in the tech world. Tip him off at: Jon.Christian@Tech.li.