internet security tHreAt rePOrt GOVernMent 2013
internet security tHreAt rePOrt GOVernMent 2013
internet security tHreAt rePOrt GOVernMent 2013
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
p. 71<br />
Symantec Corporation<br />
Internet Security Threat Report <strong>2013</strong> :: Volume 18<br />
ThREAT ACTIVITy TRENDS<br />
Analysis of Malicious Web Activity by Attack Toolkits<br />
Background<br />
The increasing pervasiveness of Web browser applications,<br />
along with increasingly common, easily exploited Web browser<br />
application <strong>security</strong> vulnerabilities, has resulted in the<br />
widespread growth of Web-based threats. Attackers wanting to<br />
take advantage of client-side vulnerabilities no longer need to<br />
actively compromise specific networks to gain access to those<br />
computers. These attacks work by infecting enterprise and<br />
consumers that visit mainstream websites hosting Web-attack<br />
toolkits, and silently infect them with a variety of malware.<br />
Symantec analyzes attack activity to determine which types<br />
of attacks and attack toolkits attackers are utilizing. This can<br />
provide insight into emerging Web attack trends and may<br />
indicate the types of attacks with which attackers are having<br />
the most success.<br />
Data<br />
Figure A.9. Malicious Website Activity: Attack Toolkit Trends, 2012<br />
Source: Symantec<br />
90%<br />
80<br />
70<br />
60<br />
50<br />
40<br />
30<br />
20<br />
10<br />
JAN<br />
FEB<br />
MAR<br />
APR<br />
MAY<br />
JUN<br />
JUL<br />
AUG<br />
Methodology<br />
This metric assesses the top Web-based attack activity grouped<br />
by exploit “Web kit” families. These attacks originated from<br />
compromised legitimate sites and intentionally malicious sites<br />
set up to target Web users in 2012. To determine this, Symantec<br />
ranked attack activity by the number of associated incidents<br />
associated with each given Web kit.<br />
SEP<br />
OCT<br />
NOV<br />
DEC<br />
Others<br />
Blackhole<br />
Sakura<br />
Nuclear<br />
Redkit<br />
Phoenix