Study: Java- and Android-Based Attacks Increased in 2013
- By Chris Paoli
- January 21, 2014
According to Cisco's Annual Security Report, Java flaws accounted for 91 percent of all Web-based attacks last year.
The study also found that 76 percent of the corporations studied for the network firm's report are still running the vulnerable and unsupported Java 6. The report pointed out that since 89 percent of all PCs in the U.S. have Java installed, it remains "high on the list of favored tools for criminals."
"Java provides an attack surface that is too big for criminals to ignore," read the report. "They tend to build solutions that run exploits in order—for instance, they first attempt to breach a network or steal data using the easiest or best-known vulnerability before moving on to other methods."
While Java will continue to be a low-risk, high-reward target for attackers in 2014, Cisco recommends users and network admins take steps to drastically lower the chance of attacks, including:
- Disabling Java on a network-wide level when it's not needed.
- Deploy tools that specifically monitor all Java-related Web traffic on a network.
- Keep all Java versions and antimalware software up to date.
Android Malware Volume Continues To Grow
On the mobile front, attacks aimed at Android-based devices accounted for 71 percent of all Web-based attacks and 99 percent of all mobile malware created last year was intended for Google's mobile platform.
The Andr/Qdplugin-A mobile malware was the most-used tool used by attackers (43.8 percent of Android attacks), and its delivery occurred when legitimate apps hiding the malware were downloaded from unofficial app distributers.
Cisco points to the widespread appeal of BYOD coupled with a lax security plan for employee personal devices have contributed to the rise in Android malware popularity.
"Instituting a formal program for managing mobile devices to help ensure that any device is secure before it can access the network is one solution to improve security for the enterprise," read the report.
Spam Falls Sharply
While malware continued to trend up, Cisco found that global spam volume took a nosedive in 2013. In January the global spam volume was at 80 billion per day and by December that figure had dropped to closer to 30 billion per day.
Even though spam volume has constantly decreased over the past few years, the major spam trend Cisco identified for the year was the large increase in spam activity after the Boston Marathon bombing.
Thanks to attackers using the news event to craft spam relating to the incident, spam volume numbers ballooned to more than 150 billion messages per day in the days after the April 15 bombing. At its height, 40 percent of all spam being sent out related to the Boston Marathon attack. However, the overall decline in spam volume resumed its downward trend in late May.
While Cisco points to the overall decrease in spam as one positive takeaway from the 2013 study, malicious spam numbers stayed constant.