Adware is top security threat: Trend Micro
New quarterly report records 1.5m malware detections in the Middle East during Q3 2014
In a third quarter that saw the Middle East hammered with 1.5m malware detections, the top security threat in the region was adware, according to the latest security report from Trend Micro.
In its quarterly roundup - Vulnerabilities Under Attack: Shedding Light on the Growing Attack Surface - Trend Micro said that, while adware was the top security threat, online banking malware, ransomware, malicious websites and mobile apps continue to present high risk for the Middle East.
According to the report, e-mail reputation queries (spam e-mail) totalled 24m in Q3 2014. This included 14m in Saudi Arabia, 8m in the UAE, and 2m in the rest of the Middle East.
"Our findings confirm that we are battling rapidly moving cyber-criminals and evolving vulnerabilities simultaneously. With this fluidity, it's time to embrace the fact that compromises will continue, and we shouldn't be alarmed or surprised when they occur," said Raimund Genes, CTO at Trend Micro.
"Preparation is key and as an industry we must better educate organisations and consumers about heightened risks as attacks grow in volume and in sophistication. Understanding that cyber-criminals are finding vulnerabilities and potential loopholes in every device and platform possible will help us confront these challenges so technology can be used in a positive way."
Meanwhile, the report also detailed the third quarter's most major development: the new critical vulnerability known as Shellshock. Trend Micro said that this bug threatened more than half a billion servers and devices worldwide. The report also revealed that web platform and mobile app vulnerabilities have broadened significantly, resulting in "high-impact" attacks on businesses and consumers.
Trend Micro said that the big surprise about Shellshock was that it emerged after going unnoticed for 20 years, which suggested the likelihood of more long, undiscovered vulnerabilities lurking within operating systems or applications.
As in previous quarters, the report said that significant and critical vulnerabilities were found in mobile platforms such as Android. Exploit kits were highly utilised in Web platforms and provided cyber-criminals another resource to compromise victims' systems, Trend Micro said.
The report added that, in an effort to steal credit card information and money, threat actors are targeting large retailers' point-of-sale (PoS) systems to execute data breaches. This ongoing practice further indicates that PoS networks are highly accessible and vulnerable, Trend Micro said. The vendor added that cyber-thieves also utilised updated versions of older versions of popular malware and online banking malware to successfully target victims.