The number of cyber attacks jumped 81% in 2011, with mobile platforms like Google’s Android operating system increasingly being targeted, according to an annual “Internet Security Threat Report” released on Monday by security software vendor Symantec.
Social networks are also increasingly under attack, and represent a new frontier for cyber criminals, Symantec said.
“The very nature of these [social] networks makes users incorrectly assume they are not at risk and attackers are using these sites to target new victims,” wrote Symantec in its report.
“Due to social engineering techniques and the viral nature of social networks, it’s much easier for threats to spread from one person to the next.”
The company said it had blocked 5.5 billion malicious attacks in 2011, 81 percent more than in 2010, while the number of Web attacks that were blocked on a daily basis jumped 36 percent.
Symantec said it had identified 403 million unique malware variants during that time.
Mobile vulnerabilities increased by 93 percent in 2011, coinciding with the growing use of smartphones and tablet computing devices.
“2011 was the first year that mobile malware presented a tangible threat to businesses and consumers,” Symantec said, noting that it saw a “rise in threats” targeting the Android operating system.
“These threats are designed for activities including data collection, the sending of content, and user tracking.”
Indeed, more than half of all Android threats collect device data or track users’ activities, according to the report. Nearly one-in-four mobile threats identified in the report were designed to make money by sending premium text messages from infected phones.
Symantec said that cyber criminals are no longer exclusively targeting large businesses and high-profile executives.
“More than 50 percent of such attacks target organizations with fewer than 2,500 employees, and almost 18 percent target companies with fewer than 250 employees,” the company said in its report.
“These organizations may be targeted because they are in the supply chain or partner ecosystem of a larger company and because they are less well-defended.”
Nearly 60 percent of the attacks targeted low-profile targets, such as employees in human resources, public relations, and sales – in part because they are easy to find online. Meanwhile, about 4 to 5 percent of all business emails contained malware, Symantec said.
The report also revealed a jump in data breaches from 2010 to 2011, with 1.1 million identities stolen during each data breach last year, exposing more than 187 million identities. However, the most common cause was the loss of smartphones, tablets, USB keys or a backup device, which together exposed 18.5 million identities in 2011.
Symantec’s report revealed a positive development in the decline of spam emails, from 88 percent of all email volume in 2010 to 75 percent in 2011. The company attributed the drop to authorities having shut down one of the largest botnets in the world.
However, phishing emails and other scams continue, and malware from websites is still widespread, with 61 percent of those sites being legitimate sites that had been compromised.