Cyber security report: Social networks – a favorite target for hackers


IBM published its midyear information security risks report for the first half of 2013. The report highlights the ongoing challenges faced by organizations, which have to deal with the successful tactics used by hackers.

Social networks became the main targets for hackers, a situation which is made worse by the prevalence of mobile devices. According to the reports by the IBM X-Force security team, hackers target large companies with advanced security capabilities. Relatively new technologies abuse user trust and utilize frequently visited internet websites. DDoS attacks, massive volumes of fake internet traffic that are directed at a website in order to bring down its servers, are actually used by hackers as a decoy: the hackers use the time spent on preventing the DDoS attacks in order to infiltrate other systems. The organization’s IT personnel are forced to make hard choices based on real-time threat assessments, without being aware of the full scale of the attack or which systems are the real targets.

Security experts also report more sophisticated attacks on entry points to organizational networks through web servers: the attackers locate vulnerabilities which have not been properly fixed and patched, and infect databases with malware through SQL injection (SQLi). Other attacks abuse the basic trust exhibited by typical users when visiting social network websites, or harm users through the use of fake identities on the same websites.

Many attackers take advantage of users and webmasters who neglect and disregard basic security regulations. One such attack targets servers that host a large number of websites, and the people who access these websites. Once a server has been hacked, it can be used to spread malicious code to other websites, or even to relatively sophisticated users who usually avoid phishing attacks. Other advanced attacks target branches of international organizations. The attackers infiltrate branches with relatively simple security measures and through them gain access to the networks of the main organization.

iHLS – Israel Homeland Security

Another growing risk: Hackers gaining control of profiles of popular social media users, which puts their followers at risk. Successful attacks of this nature may harm an organization’s reputation.

According to the IBM security report, mobile devices continue to attract malicious code writers. Even though the volume of threats facing these devices is growing quickly, they are still a small minority of all the threats and vulnerabilities discovered this year. Less than 30% of documented mobile vulnerabilities had malicious code that targeted and actively abused them. The growing popularity of Android devices led to the appearance of malicious code that focuses on them. During the first six months of 2013 an especially advanced trojan targeting Android devices, called Obad, was discovered. Obad offers a glimpse at the high level of sophistication of such threats in the future.

The rate of detection and publication of security breaches during the first six months of 2013 is similar to the rate documented in 2012. Suppliers using content management systems (CMS) improve the rates at which these breaches are patched as part of the services and systems they offer. However, software developers who develop plugins for the same systems fall behind when dealing with security threats.

During the first half of 2013 many new security breaches were discovered only on the day of the attack itself. Most of these discoveries were made during focused attack efforts – implying high levels of sophistication by the attackers, whose motivations were economic.