Website security threat trends of 2012
Businesses face a number of threats from the digital ecosystem. The vast quantities of information stored by corporate servers make many companies a prime target for data thieving, but website security risks can emerge with other objectives as well. For example, a cybercriminal's target may actually be the site itself.
Using legitimate websites as a delivery mechanism for drive-by download attacks has become an increasingly common trend. According to a recent report by the European Network and Information Security Agency, drive-by exploits represented the top threat trend in 2012. While this type of attack is not entirely new, ENISA researchers noted that the strategy has become a threat to mobile users as well.
The other threat facing information security is the ease at which hackers can gain access to their tools. The report identified malware-as-a-service as an increasingly popular model for the underground market. The Blackhole exploit kit, for example, benefits from regular support and software updates from its developers.
"Moreover, exploit kits use a plethora of channels to deliver malware and infect unsuspected web users," ENISA explained. "An important characteristic of exploit kits is their ease of use (usually through a web interface) allowing people without technical knowledge to purchase and easily use them."
New exploit kit emerges
ENISA researchers identified Blackhole as one of the most sophisticated crimeware kits, but there may soon be an equivalent threat. According to information security journalist Brian Krebs, a new kit dubbed "Cool Exploit" was identified in November. The kit was used to distribute Reveton malware. Paunch, the cybercriminal group that develops Blackhole, later reached out to Krebs to claim responsibility for Cool Exploit as well. The new crimeware tool comes with a high price tag with Paunch charging $10,000 a month, but Krebs noted it is already used by two other hacker groups.