The Post-PC Threat Era is here to stay with Android threats set to top one million
Nearly five times more malware found on Android than Windows in 2012, according to newly released Trend Micro security reports
Marlow, UK – 23rd January 2013 – Cyber criminals have moved beyond the traditional PC, targeting Android, social media and even the Mac OS X with new attacks, according to Trend Micro’s 2012 Annual Roundup and Mobile Security reports. Malware targeting Android alone outpaced its Windows equivalent by 14:3 and Trend Micro predicts that threats on the mobile platform will pass the one million mark this year.
2012 Annual Security Roundup - Evolved Threats in a “Post-PC” World
Most of our predictions for 2012 have come true, as a critical mass of threats escalated past the desktop environment to mark the beginning of the Post-PC era.
- 2012 ended with 350,000 threats for Android as detected by Trend Micro. Malware growth reached 14-3 for Android versus PC, and it only took Android three years to reach the PC volume of malware threats achieved within fourteen years.
- 2012 is also the year that Java supplanted pure Windows-based threats in the attackers’ cross-hairs leading, among other things, to the first widespread attack against the Mac.
- English and Russian lead among the Top 10 Spam languages while India leads among the Top 10 Spam- Sending Countries.
- Social media platforms continued to grow as areas of concern with attackers targeting them more, users putting themselves at risk by oversharing on them, and their legitimate services being co-opted to support cybercriminal activities.
- Enterprises and organisations suffered from data breaches and targeted attacks at an alarming rate. In one incident alone, the Global Payments data breach, costs have already reached US$94 Million and are still climbing. Targeted attacks are being helped along by the “children of STUXNET”: attack code and kits like Flame, Duqu and Gauss that are derived from the STUXNET attack three years ago.
- 2012 was also the year of sophisticated APT’s such as Luckycat, Taidoor, IXESHE.
- Attackers adopted more professional software development practices rather than introducing new attacks. The Blackhole Exploit Kit (BHEK), Automatic Transfer Systems (ATSs) and Ransomware were all refined and improved with new features in ways that would make any commercial software vendor proud.
2012 Mobile Threat and Security Roundup – Repeating History
The growing mobile-threat environment is a key element of the Post-PC threat era, with Android Malware accomplishing in 3 years what PC threats took 14 years to achieve. What is also concerning is that only 20% of Android device owners use a security app. This is not a risk worth taking, as by year end 2012 there were 350,000 threats facing this relatively new mobile platform. Trend Micro predicts that Android threats will increase to 1 million in 2013. (14,15,16)
Along with advice for users and IT professionals, readers will find:
- New data as it relates to Aggressive adware in mobile devices as well as data leakages that aren’t always limited to malicious apps, since even popular and legitimate apps can disclose data.
- Nigeria tops the list of Top 10 countries at risk of downloading malicious apps.
- India leads the list of Top 10 countries at risk of privacy exposure.
- Thailand cell phones suffer the most out of Top 10 Countries when it comes to the Most Battery-Draining Apps.
"2012 was a year of real evolution in traditional threat and evolution into new platforms and geographies", said Rik Ferguson, VP of security research at Trend Micro. "The mobile threat has come of age, criminals are already moving their operations into former developing internet economies and have devoted a lot of effort to hardening their point and click attack toolkits to evade detection by security vendors. We must continue to track and anticipate these developments in the security industry. Android is already the criminals mobile OS of choice as these reports demonstrate, it is not too much of a stretch to think of criminals looking for ways to exploit other connected devices in the future."
Overall, 2012 unfolded much as our Chief Technology Officer Raimund Genes predicted
(12 Security Predictions for 2012), particularly around post-PC threats and the sophisticated targeting of attacks against specific organisations. As he noted then: “Our hope that new OSs would make the world a safer place didn’t work out.”
The post-PC malware era is here to stay, and the stakes are higher than ever.
About Trend Micro
Trend Micro Incorporated (TYO: 4704), a global leader in security software, strives to make the world safe for exchanging digital information. Our solutions for consumers, businesses and governments provide layered content security to protect information on mobile devices, endpoints, gateways, servers and the cloud. Trend Micro enables the smart protection of information, with innovative security technology that is simple to deploy and manage, and fits an evolving ecosystem. Leveraging these solutions, organizations can protect their end users, their evolving data center and cloud resources, and their information threatened by sophisticated targeted attacks.
All of solutions are powered by cloud-based global threat intelligence, the Trend Micro™ Smart Protection Network™, and are supported by over 1,200 threat experts around the globe.