Palo Alto Networks has been investigating the main recent trends in cyber-attacks. The survey results show that the sectors and channels that are being targeted are not necessarily the ones we might expect to be under threat.
Who is coming under attack nowadays from computer viruses? How does it happen? These are the two questions behind the survey carried out by the experts from Unit 42, the threat intelligence team at network security company Palo Alto Networks, who set out to provide an overview of current trends in web attacks. Last October this team of cybersecurity researchers and industry experts sifted through 6 million infected sessions, from a dozen sectors ranging from finance to health to government institutions in over 80 countries. Initial observations revealed that the type and intensity of attacks varies according to the sector. Government institutions, which one might imagine would be a prime target, have in fact suffered relatively few attacks compared with health workers, for example.
Universities in the front line
The survey highlights one sector which has been heavily targeted by cyber-attacks: universities. These institutes of learning and research are the victim of as many attacks on a daily basis as hotels, finance businesses and state organs put together. Previous studies had already revealed that universities, which are targeted to gain access to the – often valuable or sensitive – results of the research they perform, were particularly vulnerable to viruses but the Palo Alto Networks report reveals that the problem may be of enormous proportions. “The attacks are increasing exponentially, and so is the sophistication, and I think it’s outpaced our ability to respond,” admitted Rodney J. Petersen, who heads the cybersecurity programme at Educause, a US non-profit alliance of schools and technology companies, to the New York Times. The Unit 42 report does not however go as far as explaining why these cyber-attacks have reached such proportions but simply provides an overview of the attacks that have taken place.
Electronic messaging a vulnerable gateway
As for the channels used by cyber-attackers, the Unit 42 analysts discovered that electronic messaging is the prime means of propagating a virus. Some 87% of all viruses are propagated through messages – especially emails – compared with just 11.8% through web browsing. This ratio holds good for all the sectors analysed. In addition the survey confirms a trend that had already been observed, that close to 90% of malicious files are .exe files. Many files are contaminated by a particular type of virus called Kuluoz, which had infected over 80% of the companies and institutions polled in the survey. Given this type of threat, there would appear to be an urgent need for proper user training but some sectors certainly still require more secure systems. The year 2014 has also been identified by the latest report from Russian multi-national computer security company Kaspersky as marking a high point in cyber-attacks.