A new report released by Kaspersky Labs discovered that cyberattacks affected more than one-third of computer users in 2014. More than 6 billion attacks targeting computer and mobile devices were detected this year, an increase of 1 billion security incidents from 2013.
According to the study, cyberthreats toward mobile devices were especially frequent this year. Nearly 300,000 new malicious software samples targeting mobile hardware were created in 2014, almost three times as many as were made in 2013.
"2011 was the year of mobile malware formation, especially on Android-based devices; 2012 was when they developed and 2013 was when they reached maturity," said Kaspersky senior mobile malware analyst Roman Unuchek. "In 2014 mobile malware focused on financial issues: the number of mobile banking Trojans was nine times greater than in the previous year and developing in this area is continuing at an alarming rate."
Financial attacks becoming more common
More than half of all mobile attacks that occurred in 2014 targeted users' money. The Zeus Trojan has remained the most commonly used banking malware, accounting for approximately 75 percent of financial attacks. Banking Trojans in general became more prevalent, with nine times as many being created this year than in 2013, reaching a total of 12,100 mobile banking Trojans.
Security researchers at Kaspersky found that exploiting vulnerabilities in Java and various Web browsers was the most effective way cybercriminals found to deliver their malware. Exploits related to Adobe Reader flaws are also popular, as social engineering techniques have become easier to create and leverage successfully.
The growing threat to mobile devices has been a frequent topic of discussion among security experts in recent months. Adm. Michael Rogers, director of the National Security Agency even warned against the threat in a meeting of the House Intelligence Committee, informing members that hackers will continue to target smartphones and tablets to infiltrate higher-level targets as they are more difficult to secure than traditional computers.
The threat to enterprises of cybercriminals obtaining network access through employee mobile devices is larger than ever. There is a growing need for companies to implement defense techniques to protect sensitive systems from being exposed by malicious mobile applications, and the most reliable solution is to employ a security information and event management solution. A managed SIEM service offers companies continuous network monitoring and analysis of event activity. This analysis in turn provides actionable threat intelligence that can be used to create a more robust and effective defense strategy, helping organizations to protect against security intrusions from a variety of entry points.