Surge of targeted attacks in 2010

A general theme in 2010 was the rise of the highly-targeted attack. Two of the most high profile examples were finely targeted attacks that had very specific aims: Stuxnet, which targets industrial software, and Hydraq, which attempted to steal intellectual property from large corporations. The Stuxnet worm infects any Windows PC, but only targets particular software that controls industrial processes, such as those in factories or chemical plants. Various other features of the worm, including the fact that most infections were in Iran, led to mass speculation that it was developed either by the US or Israel to target the Bushehr nuclear power plant in Iran. More here.

Overall, 2010 saw an increase in these highly targeted types of attack that often involved social engineering techniques whereby attackers researched key individuals within the targeted organisation.

Attack toolkits, which can be used by novices, continued to see widespread use and increasingly targeted Java vulnerabilities. Norton Internet Security Expert Con Mallon told us: “Java is very attractive to attackers because it gives them a chance to go multi-OS, multi-platform. Developers need to be very aware of any vulnerabilities that are spotted for Java, keep themselves patched and really keep their knowledge up to date.” Daily web-based attacks were up 93% on 2009, with two-thirds of these attributable to attack kits.

Attacks on mobile operating systems are also on the rise. Most attacks so far have been Trojans, but Symantec also found 163 vulnerabilities in the popular mobile platforms. Con told us “To keep things in perspective, we found 5500 vulnerabilities in total across all OSs and platforms, so it’s still a small number, but the pace of activity seems to be rising. Most people have anti-virus software on their Windows system and only a tiny minority have it on their smartphones and tablets. That’s going to have to change; I think it will change pretty quickly.” Most of this year’s Trojans have been created by inserting malicious code into legitimate applications.

Social networks continued to provide a rich feeding ground for attackers in 2010. URL shorteners were widely used to conceal malicious links, and Symantec found that of these, 73% were clicked 11 times or more.

You can see the full report here.

Thank you for reading 5 articles this month* Join now for unlimited access

Enjoy your first month for just £1 / $1 / €1

*Read 5 free articles per month without a subscription

Join now for unlimited access

Try first month for just £1 / $1 / €1

The Creative Bloq team is made up of a group of design fans, and has changed and evolved since Creative Bloq began back in 2012. The current website team consists of eight full-time members of staff: Editor Georgia Coggan, Deputy Editor Rosie Hilder, Ecommerce Editor Beren Neale, Senior News Editor Daniel Piper, Editor, Digital Art and 3D Ian Dean, Tech Reviews Editor Erlingur Einarsson and Ecommerce Writer Beth Nicholls and Staff Writer Natalie Fear, as well as a roster of freelancers from around the world. The 3D World and ImagineFX magazine teams also pitch in, ensuring that content from 3D World and ImagineFX is represented on Creative Bloq.