Summary of AVG Web Intelligence Report
On 2 November 1988 a 22-year-old Cornell University student called Robert Morris released an internet worm capable of exploiting vulnerabilities in the UNIX operating system. It is estimated that it infected 10 percent of the internet. Twenty years on, the scale of the malware problem has grown astronomically.
Today’s internet attacks are organized and designed to steal information and resources from consumers and corporations. Although there have been instances of attacks driven by politics and religion, the main motivation is financial. The web is now the primary route by which cybercriminals infect computers, mainly due to the fact that increasing numbers of organizations have secured their email gateways.
As a consequence, cybercriminals are planting malicious code on innocent websites. This code then simply lies in wait and silently infects visiting computers. The scale of this global criminal operation has reached such proportions that on average anti-virus companies discover one new infected webpage every 4.5 seconds, 24 hours a day, 365 days a year.
The past years have proved that malware is more than just a Microsoft problem. Although the sheer number of Windows threats far outweighs attacks against any other platform, cybercriminals are turning their attention to other operating systems such as Apple Macintosh, and to vulnerable cross-platform software. This seems likely to continue in upcoming years, with the increasing popularity of portable devices such as the iPhone, iPod Touch, Google Android phone and ultra-mobile netbooks.
In order to combat the latest security threats, AVG conducted a series of research and released their Web Intelligence Report for April 2010. I was pleased to review this report and find some interesting facts and figures. In their report, they show how hackers managed to infect computers with their malware by taking advantage of an unpatched Internet Explorer vulnerability (zero-day) that was disclosed to the public. They also expose the epidemic of this zero-day vulnerability on the web and the impact it has on users browsing the web without protection. They advise in their research that public disclosure of information about an unpatched vulnerability (zero-day) leads to a swift response by hackers.
The disclosed information was embedded in an exploit toolkit known as Neosploit and used by several cybercriminal gangs around the globe. The exploit toolkit Neosploit is software written by hackers and sold online to cybercriminals, who use it to infect innocent web users with their malware. The toolkit includes everything the cybercriminal needs to operate an attack: the malware, the exploit code, the statistics reports, etc. (AVG Web Intelligence Report).
Complex security questions were answered in this report, such as:
How does the compromised website serve the exploit?
How does the hackers' malicious code try to install malware on the end-user PC?
How can users be protected from such common security attacks?
In summary, AVG managed to visualize what happens between the time that a vulnerability is discovered and used by hackers in the wild and the time that a security patch becomes available from the product vendor. Knowing that users’ PCs are vulnerable, hackers are rushing to ‘color’ the Web with their attacks. Even non-technical hackers can join the ‘party’ by distributing the exploits using readily available attack toolkit software packages.
Computer users will continue to face challenges in securing and controlling their computers, as criminals attempt to capitalize on new technology to make money and cause disruption. In addition, threats like identity theft and fraud will still occur far into the future because of human mistakes. However, if managed properly, the problem should not be insurmountable. Sound security practices, up-to-date protection and an active commitment to keep informed can all help defend business networks in the year ahead.
The good news is that security software is getting better all the time. Proactive detection of new, unknown malware threats is at an all-time high, and computer users who are sensible and properly defended can dramatically reduce the risks.