Malware attacks sneak under the radar for Asia-Pacific companies

Malicious hackers are regularly exploiting lesser-known vulnerabilities while organisations focus on the threats posed by high-profile “boldface” vulnerabilities, Cisco Systems has warned as it releases a 2014 Midyear Security Report (MSR) that shows Asia-Pacific companies are far more likely to encounter malware than their counterparts in other geographies.

The report analysed malware attacks by vertical industry and found that companies in the Asia-Pacific region (including Japan and China) were more likely to encounter malware if they were engaged in industries including Automotive; Clubs & Organisations; Banking & Finance; Energy, Oil & Gas; Insurance; Manufacturing; Pharmaceutical & Chemical; Real Estate and Land Management; and Transportation & Shipping.

Regional insurance companies, for example, were pegged at a malware rate some 560 percent higher than the baseline – nearly twice the 300 percent figure for Europe and the Middle East and five times the rate in the Americas. This was an “unusual” uptick, Cisco Systems associated program executive Bryce Baker noted.

Aviation companies were the most heavily skewed industry in Cisco's results, with airlines in the Americas dealing with malware at around 680 percent above baseline – compared with around 35 percent of baseline in the Asia-Pacific region.

iframe attacks were the most common form of exploit, followed by scams, phishing and click fraud.

Cisco's analysis also aggregated malware reports and found that fully 94 percent of customer networks scrutinised this year have traffic going to Web sites known to host Palevo, SpyEye, and Zeus malware.

Some 70 percent were found issuing DNS queries for Dynamic DNS domains, which can be used to mask source IP addresses. Furthermore, 44 percent of the networks made DNS requests for encrypted services that allow users to cover their tracks online using the likes of VPN, SSH, SFTP, FTP and FTPS.

The report also observed an 87 percent decline in the use of exploit kits, which have become less widely utilised ever since the creator of the popular Blackhole exploit kit was arrested last year. Several new exploit kits observed in the first half of this year “were trying to move in on territory once dominated by the Blackhole exploit kit,” Baker notes, “but a clear leader has yet to emerge.”

This article is brought to you by Enex TestLab, content directors for CSO Australia.


Tags: Vulnerabilities, malware, Cisco Systems, Blackhole exploit kit, malicious hackers, iframe attacks


Stories by David Braue
