Click here to close now.



Welcome!

Java IoT Authors: Pat Romanski, SmartBear Blog, Kevin Jackson, Scott Allen, Charlotte Spencer-Smith

News Feed Item

Trend Micro Reports Confirm the Arrival of the Post-PC Threat Era

Android-to-Windows Malware Growth Rate of 14-to-3 in Newly Released Security Reports

CUPERTINO, Calif., Jan. 23, 2013 /PRNewswire/ -- With the release of its 2012 Annual Roundup and Mobile Security reports, Trend Micro documents how cybercriminals have moved beyond the PC, targeting Android, social media and even the Mac OS X with new attacks. Highlights from these reports include:

2012 Annual Security Roundup - Evolved Threats in a "Post-PC" World
Trend Micro's Annual Security Roundup shows that most of our predictions for 2012 have come true, and we encapsulate 2012 as the year where threats launched the beginning of the "Post-PC" Era. Threats have now escalated past the desktop environment.

  • 2012 ended with 350,000 threats for Android as detected by Trend Micro. Malware growth reached 14-3 for Android versus PC, and it only took Android three years to achieve the PC volume of malware threats achieved within fourteen years. (1)
  • 2012 is also the year that Java supplanted pure Windows-based threats in the attackers' cross-hairs leading, among other things, to the first widespread attack against the Mac. (2,3,4)
  • English and Russian lead among the Top 10 Spam languages while India leads among the Top 10 Spam-Sending Countries.
  • Social media platforms continued to grow as areas of concern with attackers targeting them more, users putting themselves at risk by oversharing on them, and their legitimate services being co-opted to support cybercriminal activities. (5,6,7)
  • Enterprises and organizations suffered from data breaches and targeted attacks at an alarming rate. In one incident alone, the Global Payments data breach, costs have already reached US$94 Million and are still climbing. Targeted attacks are being helped along by the "children of STUXNET": attack code and kits like Flame, Duqu and Gauss that are derived from the STUXNET attack three years ago. (7)
  • 2012 was also the year of APTs such as Luckycat, Taidoor, IXESHE. (9)
  • Attackers adopted more professional software development practices rather than introducing new attacks. The Blackhole Exploit Kit (BHEK), Automatic Transfer Systems (ATSs) and Ransomware were all refined and improved with new features in ways that would make any commercial software vendor proud. (10,11,12,13)

2012 Mobile Threat and Security Roundup – Repeating History
Key to this report is Trend Micro's documentation of the growing mobile-threat environment and reporting--Android Malware accomplishing in 3 years what PC threats took 14 years to do. What is also concerning is that only 20% of Android device owners use a security app. This is not a risk worth taking, as by year end 2012 there were 350,000 threats facing this relatively new mobile platform. Trend Micro predicts that Android threats will increase to 1 million in 2013. (14,15,16)

Along with advice for users and IT professionals, readers will find:

  • New data as it relates to Aggressive adware in mobile devices as well as data leakages that aren't always limited to malicious apps, since even popular and legitimate apps can disclose data.
  • Nigeria tops the list of Top 10 countries at risk of downloading malicious apps.
  • India leads the list of Top 10 countries at risk of privacy exposure.
  • Thailand cell phones suffer the most out of Top 10 Countries when it comes to the Most Battery-Draining Apps.

Overall, 2012 unfolded much like our Chief Technology Officer Raimund Genes predicted (12 Security Predictions for 2012) particularly around post-PC threats, and the sophistication and targeting of attacks. As he noted then "Our hope that new OSs would make the world a safer place didn't work out." 2012 had shown that clearly to be the case. The post-PC malware era is here; and it's already looking to be a more dangerous era with higher stakes.

Reports are available @

2012 Annual Security Roundup: Evolved Threats in a "Post-PC" World
http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/reports/rpt-evolved-threats-in-a-post-pc-world.pdf

2012 Mobile Threat and Security Roundup: Repeating History
http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/reports/rpt-repeating-history.pdf

Hi-res image files from each report are available from the following:
Annual Roundup: http://about-threats.trendmicro.com/downloads/2012-annual-security-roundup-images.zip
Mobile Roundup: http://about-threats.trendmicro.com/downloads/2012-annual-mobile-threat-and-security-roundup-images.zip

References:

  1. http://www.av-test.org/en/statistics/malware/  
  2. http://blog.trendmicro.com/trendlabs-security-intelligence/java-runtime-environment-1-7-zero-day-exploit-delivers-backdoor/
  3. http://arstechnica.com/apple/2012/10/apple-removes-java-from-all-os-x-web-browsers/
  4. http://www.infoworld.com/d/security/java-7-update-10-allows-users-restrict-java-in-browsers-209423
  5. http://blog.trendmicro.com/trendlabs-security-intelligence/infographic-public-or-private-the-risks-of-posting-in-social-networks/
  6. http://blog.trendmicro.com/trendlabs-security-intelligence/privacy-worries-hound-facebook-yet-again/
  7. http://blog.trendmicro.com/trendlabs-security-intelligence/the-dangers-of-posting-credit-cards-ids-on-instagram-and-twitter/
  8. http://money.cnn.com/2012/04/02/technology/global-payments-breach/index.htm
  9. http://blog.trendmicro.com/trendlabs-security-intelligence/defcon-2012-android-malware-in-luckycat-servers/
  10. http://blog.trendmicro.com/trendlabs-security-intelligence/blackhole-2-0-beta-tests-in-the-wild/
  11. http://blog.trendmicro.com/trendlabs-security-intelligence/java-zero-days-and-the-blackhole-exploit-kit/
  12. http://blog.trendmicro.com/trendlabs-security-intelligence/java-zero-day-exploit-and-ruby-on-rails-vulnerabilities/
  13. http://blog.trendmicro.com/trendlabs-security-intelligence/evolved-banking-fraud-malware-automatic-transfer-systems/
  14. http://www.av-test.org
  15. http://about-threats.trendmicro.com/us/mobilehub/mobilereview/rpt_mothly_mobile_review_201209_the_growing_problem_of_mobile_adware.pdf
  16. http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/spotlight-articles/sp-trend-micro-predictions-for-2013-and-beyond.pdf

About Trend Micro
Trend Micro Incorporated (TYO: 4704; TSE: 4704), the global cloud security leader, creates a world safe for exchanging digital information with its Internet content security and threat management solutions for businesses and consumers.  A pioneer in server security with over 20 years' experience, we deliver top-ranked client, server and cloud-based security that fits our customers' and partners' needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the industry-leading Trend Micro™ Smart Protection Network™ global threat intelligence data mining framework, our products and services stop threats where they emerge – from the Internet. They are supported by 1,000+ threat intelligence experts around the globe. 

Additional information about Trend Micro Incorporated and the products and services are available at Trend Micro.com. This Trend Micro news release and other announcements are available at http://newsroom.trendmicro.com/ and as part of an RSS feed at www.trendmicro.com/rss.  Or follow our news on Twitter at @TrendMicro.

SOURCE Trend Micro

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
As enterprises work to take advantage of Big Data technologies, they frequently become distracted by product-level decisions. In most new Big Data builds this approach is completely counter-productive: it presupposes tools that may not be a fit for development teams, forces IT to take on the burden of evaluating and maintaining unfamiliar technology, and represents a major up-front expense. In his session at @BigDataExpo at @ThingsExpo, Andrew Warfield, CTO and Co-Founder of Coho Data, will dis...
SYS-CON Events announced today that Fusion, a leading provider of cloud services, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Fusion, a leading provider of integrated cloud solutions to small, medium and large businesses, is the industry's single source for the cloud. Fusion's advanced, proprietary cloud service platform enables the integration of leading edge solutions in the cloud, including clou...
With the Apple Watch making its way onto wrists all over the world, it’s only a matter of time before it becomes a staple in the workplace. In fact, Forrester reported that 68 percent of technology and business decision-makers characterize wearables as a top priority for 2015. Recognizing their business value early on, FinancialForce.com was the first to bring ERP to wearables, helping streamline communication across front and back office functions. In his session at @ThingsExpo, Kevin Roberts...
SYS-CON Events announced today that Commvault, a global leader in enterprise data protection and information management, has been named “Bronze Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Commvault is a leading provider of data protection and information management...
SYS-CON Events announced today that Alert Logic, Inc., the leading provider of Security-as-a-Service solutions for the cloud, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Alert Logic, Inc., provides Security-as-a-Service for on-premises, cloud, and hybrid infrastructures, delivering deep security insight and continuous protection for customers at a lower cost than traditional security solutions. Ful...
SYS-CON Events announced today that VAI, a leading ERP software provider, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. VAI (Vormittag Associates, Inc.) is a leading independent mid-market ERP software developer renowned for its flexible solutions and ability to automate critical business functions for the distribution, manufacturing, specialty retail and service sectors. An IBM Premier Business Part...
With an estimated 50 billion devices connected to the Internet by 2020, several industries will begin to expand their capabilities for retaining end point data at the edge to better utilize the range of data types and sheer volume of M2M data generated by the Internet of Things. In his session at @ThingsExpo, Don DeLoach, CEO and President of Infobright, will discuss the infrastructures businesses will need to implement to handle this explosion of data by providing specific use cases for filte...
The cloud promises new levels of agility and cost-savings for Big Data, data warehousing and analytics. But it’s challenging to understand all the options – from IaaS and PaaS to newer services like HaaS (Hadoop as a Service) and BDaaS (Big Data as a Service). In her session at @BigDataExpo at @ThingsExpo, Hannah Smalltree, a director at Cazena, will provide an educational overview of emerging “as-a-service” options for Big Data in the cloud. This is critical background for IT and data profes...
Fortunately, meaningful and tangible business cases for IoT are plentiful in a broad array of industries and vertical markets. These range from simple warranty cost reduction for capital intensive assets, to minimizing downtime for vital business tools, to creating feedback loops improving product design, to improving and enhancing enterprise customer experiences. All of these business cases, which will be briefly explored in this session, hinge on cost effectively extracting relevant data from ...
SYS-CON Events announced today that Interoute, owner-operator of one of Europe's largest networks and a global cloud services platform, has been named “Bronze Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2015 at the Javits Center in New York, New York. Interoute is the owner-operator of one of Europe's largest networks and a global cloud services platform which encompasses 12 data centers, 14 virtual data centers and 31 colocation centers, with connections to 195 ad...
Most people haven’t heard the word, “gamification,” even though they probably, and perhaps unwittingly, participate in it every day. Gamification is “the process of adding games or game-like elements to something (as a task) so as to encourage participation.” Further, gamification is about bringing game mechanics – rules, constructs, processes, and methods – into the real world in an effort to engage people. In his session at @ThingsExpo, Robert Endo, owner and engagement manager of Intrepid D...
Eighty percent of a data scientist’s time is spent gathering and cleaning up data, and 80% of all data is unstructured and almost never analyzed. Cognitive computing, in combination with Big Data, is changing the equation by creating data reservoirs and using natural language processing to enable analysis of unstructured data sources. This is impacting every aspect of the analytics profession from how data is mined (and by whom) to how it is delivered. This is not some futuristic vision: it's ha...
WebRTC has had a real tough three or four years, and so have those working with it. Only a few short years ago, the development world were excited about WebRTC and proclaiming how awesome it was. You might have played with the technology a couple of years ago, only to find the extra infrastructure requirements were painful to implement and poorly documented. This probably left a bitter taste in your mouth, especially when things went wrong.
Learn how IoT, cloud, social networks and last but not least, humans, can be integrated into a seamless integration of cooperative organisms both cybernetic and biological. This has been enabled by recent advances in IoT device capabilities, messaging frameworks, presence and collaboration services, where devices can share information and make independent and human assisted decisions based upon social status from other entities. In his session at @ThingsExpo, Michael Heydt, founder of Seamless...
The IoT's basic concept of collecting data from as many sources possible to drive better decision making, create process innovation and realize additional revenue has been in use at large enterprises with deep pockets for decades. So what has changed? In his session at @ThingsExpo, Prasanna Sivaramakrishnan, Solutions Architect at Red Hat, discussed the impact commodity hardware, ubiquitous connectivity, and innovations in open source software are having on the connected universe of people, thi...
WebRTC: together these advances have created a perfect storm of technologies that are disrupting and transforming classic communications models and ecosystems. In his session at WebRTC Summit, Cary Bran, VP of Innovation and New Ventures at Plantronics and PLT Labs, provided an overview of this technological shift, including associated business and consumer communications impacts, and opportunities it may enable, complement or entirely transform.
There are so many tools and techniques for data analytics that even for a data scientist the choices, possible systems, and even the types of data can be daunting. In his session at @ThingsExpo, Chris Harrold, Global CTO for Big Data Solutions for EMC Corporation, showed how to perform a simple, but meaningful analysis of social sentiment data using freely available tools that take only minutes to download and install. Participants received the download information, scripts, and complete end-t...
For manufacturers, the Internet of Things (IoT) represents a jumping-off point for innovation, jobs, and revenue creation. But to adequately seize the opportunity, manufacturers must design devices that are interconnected, can continually sense their environment and process huge amounts of data. As a first step, manufacturers must embrace a new product development ecosystem in order to support these products.
Manufacturing connected IoT versions of traditional products requires more than multiple deep technology skills. It also requires a shift in mindset, to realize that connected, sensor-enabled “things” act more like services than what we usually think of as products. In his session at @ThingsExpo, David Friedman, CEO and co-founder of Ayla Networks, discussed how when sensors start generating detailed real-world data about products and how they’re being used, smart manufacturers can use the dat...
When it comes to IoT in the enterprise, namely the commercial building and hospitality markets, a benefit not getting the attention it deserves is energy efficiency, and IoT’s direct impact on a cleaner, greener environment when installed in smart buildings. Until now clean technology was offered piecemeal and led with point solutions that require significant systems integration to orchestrate and deploy. There didn't exist a 'top down' approach that can manage and monitor the way a Smart Buildi...