McAfee Labs has released the
McAfee Labs Threats Report: Fourth Quarter 2013, highlighting the increased threat from credit card theft. The company
also said problem software is increasingly disguised to look legitimate, making the likelihood of getting infected more likely.
Each quarter, the McAfee Labs team of 500 multidisciplinary researchers
in 30 countries follows the complete range of threats in real time,
identifying application vulnerabilities, analysing and correlating
risks, and helping to protect enterprises and the
public.
Detailed research of the high-profile Q4 credit
card data breaches found that the point-of-sale (POS) malware used in the attacks were
relatively unsophisticated and likely purchased “off the shelf”. McAfee Labs’ ongoing research into
underground markets further identified the attempted sale of stolen
credit card numbers and personal information known to have been
compromised in the Q4 retail breaches. The researchers found the thieves
offering for sale some of the 40 million credit card numbers reported
stolen in batches of between 1 million and 4 million at a time.
“The
fourth quarter of 2013 will be remembered as the period when cybercrime
became ‘real’ for more people than ever before,” said Vincent Weafer,
Senior VP for McAfee Labs. “These cyber thefts occurred at a time when
most people were focused on their holiday shopping and when the industry
wanted people to feel secure and confident in their purchases. The
impact of these attacks will be felt both at the kitchen table as well
as the boardroom table."
In the fourth quarter alone, McAfee Labs
found more than 2.3 million new malicious signed applications, a 52%
increase from the previous quarter. The practice of code-signing
software validates the identity of the developer who produced the code
and ensures the code has not been tampered with since the issue of its
digital certificate. The
vast majority of growth is due to dubious content development networks
(CDNs). These are websites and companies that allow developers to upload
their programs, or a URL that links to an external application, and
then 'wrap' it in a signed installer.
“We can see from
the threat statistics in the Q4 report that Asia Pacific comes in third
place after North America and the Europe-Middle East market, with 8.4%
of servers hosting suspect content here,” said Wahab Yusoff, Vice
President for McAfee South Asia.
“Although only a rather
small number of suspicious content is hosted in Asia, we should remain
vigilant and monitor the situation as cyber attacks don’t know physical
borders.”
The McAfee Labs team warns that the growing
number of maliciously signed files could create confusion among users
and administrators, and even call into question the continued viability
of the long-established certificate authority (CA) model for
authenticating “safe” software.
“Although the expansion
of the CA and CDN industries has dramatically lowered the cost of
developing and issuing software for developers, the standards for
qualifying the identity of the publisher have also decreased
dramatically,” said Weafer.
“We will need to learn to
place more trust in the reputation of the vendor that signed the file,
and less trust in the simple presence of a certificate.”
Click here to read the full McAfee Labs Threats Report: Fourth Quarter 2013 report.
