This quarter saw a significant shift in the way the security industry approaches targeted attacks and advanced persistent threats (APTs), which are now viewed as long-term, ongoing campaigns rather than the typical "smash-and-grab incidents" favoured by cybercriminals in the past, according to the Trend Micro Q1 2012 Security Roundup Report.
The report also noted that cybercriminals who launch APTs will often keep track of the different attacks within a campaign in order to determine which individual attack compromised a specific victim's network. The Luckycat campaign, in particular, attacked a diverse set of targets using a variety of malware, some of which has been linked to other cyber-espionage campaigns.
The new social networking site Pinterest gained not just popularity but also notoriety. Site users were drawn into "re-pinning" a Starbucks logo to get supposed gift cards but instead got malware.
This quarter's top spam-sending countries included India (20 per cent), Indonesia (13 per cent), South Korea (12 per cent), and Russia (10 per cent).
Apple surpassed Oracle, Google and Microsoft in reported vulnerabilities, with a total of 91. Oracle came in second, with 78; Google, 73; Microsoft, 43. Apart from posting the highest number of reported vulnerabilities, Apple also issued a record-breaking number of patches last March. In addition, Trend Micro reported that Apple issued a record number of patches to its Safari browser in March, during the period.
Amit Nath, Country Manager India and SAARC, Trend Micro, said, "The number of targeted attacks has dramatically increased. Unlike largely indiscriminate attacks that focus on stealing credit card and banking information associated with cybercrime, targeted attacks noticeably differ and are better characterized as 'cyber espionage'. Highly targeted attacks are computer intrusions threat actors stage in order to aggressively pursue and compromise specific targets, often leveraging social engineering, in order to maintain persistent presence within the victim’s network so they can move laterally and extract sensitive information."