The number of zero-day vulnerabilities discovered in 2011 was down by 43%. However, new mobile device-related vulnerabilities discovered during the year increased by 93%, according to Symantec's report.
The number of unique malware variants increased to 403 million, and the number of web attacks blocked by Symantec per day increased by 36%. In total, the company blocked more than 5.5 billion malicious attacks in 2011, an increase of 81% over the previous year.
“That speaks directly to the capability of toolkits. The bad guys are getting very efficient with the use of existing vulnerabilities and using these toolkits to create unique versions of malware”, Kevin Haley, director of Symantec Security Response, told Infosecurity.
Haley noted that there were 10 malware families that accounted for 45% of all unique malware in 2011.
“A family could have thousands or even millions of variants, but it is the same essential code base….Criminals are using the same code to spin off all of these variants”, he said.
Targeted attacks are growing, with the number of daily targeted attacks increasing from 77 per day to 82 by the end of 2011. The targets of these attacks are also becoming more diverse.
Targeted attacks use social engineering and customized malware to gain unauthorized access to sensitive information. These advanced attacks have traditionally focused on public sector and government; however, in 2011, targeted attacks diversified.
More than 50% of such attacks targeted organizations with fewer than 2,500 employees, and almost 18% targeted companies with fewer than 250 employees. These organizations may be targeted because they are in the supply chain or partner ecosystem of a larger company and because they are less well defended, the report noted.
More than half of targeted attacks go after employees in roles such as human resources, public relations, and sales. Individuals in these jobs may not have direct access to information, but they can serve as a direct link into the company. They are also easy for attackers to identify online and are used to getting inquiries and attachments from unknown sources.
On the other hand, spam levels have fallen considerably, though this is likely a result of attackers turning more of their attention to social networks as attack vectors. Haley attributed the decline in spam rates to the takedown of the Rustock botnet.
“We will continue to see a lot of malware sent through spam. We are also seeing more malware in social media. This is not suprising. It is a perfect environment for things to go viral very easily”, Haley observed.
Approximately 1.1 million identities were stolen per data breach on average in 2011, a significant increase over the amount seen in other years, according to the report. Hacking incidents posed the greatest threat, exposing 187 million identities in 2011 – the greatest number for any type of breach last year.
However, the most frequent cause of data breaches that could facilitate identity theft was theft or loss of a computer or other medium on which data is stored or transmitted, such as a smartphone, USB key, or a backup device. These theft-or loss-related breaches exposed 18.5 million identities, the report found.