Malware Grows as C&C Servers Drop; IoT Looms


The United States hosts more than 43% of all malicious links and more C&C servers than any other country in the world. However, when infection rates are measured against the number of IP addresses in a country, the United States ranks only 28th among the locations most affected by malware.

That’s according to the latest quarterly IBM X-Force intelligence report, which found that Lithuania and other Eastern European countries lead the pack with the highest infection rates, with the Russian Federation listed as the third most-affected area.

The report also examined the impending impact of the internet of things (IoT). As with other broad categories of technology such as the cloud or mobile, the IoT can offer productivity and quality-of-life improvements, but it can also drag in its wake a host of unknown security threats.

On the existing threat front, IBM found that China hosts the second-highest concentration of malicious links, with around 11%, nearly double the 6.2% it had in 2013. Germany fell from second to third, now hosting only 8.3% of malicious links, down from 9.8% 14 months ago.

The report also found a decrease in infected C&C servers, with the exception of Lithuania (even the US dropped by 4% in the past 14 months), but said that potential attackers may simply be distributing infections across a larger number of countries. Attacks continue to increase: IBM’s earlier Cyber Security Intelligence Index found that the average company experienced 91 million security threats in 2013, a 12% increase over 2012. And, of course, the perpetrators aren’t bound by geography.

“Typically, attackers use remote code execution to install malware, which may have any number of malicious actions, such as keylogging, screen-grabbing and remote access for the attackers,” said Leslie Horacek, IBM X-Force threat response manager, in a blog.

Meanwhile, regarding IoT, tactics such as strong authentication and access control, data privacy protection and strong application security will become critical, the report cautioned. IDC predicts there will be more than 30 billion connected things by 2020, growing from 9.9 billion in 2013—driven by intelligent systems collecting and transmitting data.

“While we are still defining what the IoT is and how it will benefit individuals and enterprises, rest assured that it is a revolution and will take its place among existing emerging technologies such as the cloud, analytics, mobile and social,” said Horacek. “Upon hearing the term IoT, many call to mind a circus of devices with esoteric functions, such as Google Glass and the new Apple Watch wearables, or perhaps home automation hardware such as thermostats that are aware of their owners’ presence or refrigerators that post to Facebook when you’re out of milk.”

But she noted that the devices that make up the broad IoT perform different functions, expose “wildly diverse threat surfaces” and require security strategies that are specific to each category of device.

“In the past few years, the types of attacks that have been reported across the IoT have been varied, such as the exploitation of web application vulnerabilities, man-in-the-middle attacks, and password attacks,” she said.
