Solutionary has released its Threat Intel report for Q3 2013

Oct 31, 2013 08:23 GMT

Managed security services provider Solutionary has released its Threat Intel Report for the third quarter of 2013. The new study focuses on phishing, Tor, hacktivism and suspicious ICMP traffic.

In the third quarter, usage of the Tor anonymity network increased by 350%. The considerable increase is likely caused by cybercriminals using Tor to protect their botnet infrastructures against takedowns. One perfect example is the new version of the Mevade malware family.

Another explanation for the increase in Tor traffic is the fact that more and more Internet users are seeking ways to protect their privacy against NSA surveillance.

As far as hacktivist campaigns are concerned, the report analyzes OpUSA, OpIsraelReborn and the fourth phase of Operation Ababil, launched by Izz ad-Din al-Qassam Cyber Fighters.

The primary vectors used in these operations are distributed denial-of-service (DDoS), cross-site scripting (XSS) and SQL injection attacks. Hacktivists have also leveraged spear phishing and DNS registry tampering to achieve their goals.

Experts have found that spear phishing attacks are still highly effective, even though numerous organizations have launched anti-phishing awareness campaigns.

Finally, Solutionary’s Q3 threat intel report reveals that there has been an “uptick” in anomalous ICMP traffic in the United States and Europe. ICMP is normally used for diagnostic and control purposes. However, based on the structure and frequency of the packets, researchers have determined that ICMP is also used for malicious activities.

“This report reveals that the threat landscape continues to expand, making it a real challenge for organizations of all sizes to detect and defend against advanced attacks,” noted Solutionary SERT Director of Research Rob Kraus.

“Even organizations with established, mature security investments often come to realize they cannot provide effective security without the assistance of a trusted partner,” Kraus added.

“The findings and intelligence revealed in this report provide IT security and risk professionals with essential intelligence that will aid them in defending against advanced attacks that frequently lead to data breaches and compliance problems.”

The complete Solutionary Q3 Threat Intel Report is available on the company’s website (registration required).