Barracuda Labs Releases 2010 Security Report Alongside New Profile Protector

Tis’ the season for security reports! Leading up to the February RSA Conference, many organizations prep and release their 2010 findings. Interestingly, fewer than half find the same trends and/or security flaws. This can be confusing and overwhelming unless you look at the context. The types of attack vectors and trending a vendor finds are almost always directly related to the type of vendor - and that makes sense. An email spam defender is going to write a report focused on email attacks (mostly) and a storage vendor will write about data leaks, loss, and breaches. That said, all of the reports taken together can provide an organization with a good sense of where the priority trouble spots are for them in relation to the way they do business.

Barracuda Networks, provider of content security, data protection and application delivery solutions, recently released the findings from their 2010 Annual Security Report, and it wasn’t surprising to see the dramatic shift from email attacks to targeting the Internet. Barracuda saw email spam drop by half during 2010. That’s huge, but spam itself is not a P1 threat but it’s definitely a P1 annoyance. They also found that search engine malware doubled and the Twitter Crime Rate increased 20 percent, signifying a concentrated focus on the more lucrative social networks and search engines as attack vectors. With the use of social networking tools such as Twitter as part of the modern sales and marketing programs, this is definitely news to pay attention to.

In light of their findings, and a perceived market need, Barracuda designed what they hope is a strong solution to the problem. To help combat social network-driven attacks, Barracuda released Profile Protector, a free service that protects social networking users against malicious threats on Facebook and Twitter.The application analyzes user-generated content posted to profiles and is able to block or remove malicious or suspicious content. This includes malicious URLs, embedded photos and/or videos on Facebook and Twitter pages and news feeds. 

“Attackers focus on where they can get the most eyeballs and profit, and today that means social networks and search engines,” said Dr. Paul Judge, chief research officer at Barracuda Networks. “As a community we often point to the need for user education as the missing component; however, the levels of social engineering involved in today’s attacks suggest that we must continue to elevate our technological approaches. The research community must continue to build innovative defenses and the industry must make efforts to increase the deployment rates of those defenses.”

Dr. Judge has a good point. Social engineering is increasingly savvy. Nearly every day I get a chat request from an unknown (and fictional) “friend” that wants to add me to their directory so we can get back in touch. With names like Kelly, Todd and Mike, I do find myself pausing to think about whether I’ve connected to friends with the same names. Unequivocally, I delete the requests. If it truly is my friend, they’ll drop me an email asking why I didn’t accept their invitation.

Searching for Malware

Barracuda conducts periodic studies across Bing, Google, Twitter and Yahoo!, analyzing trending topics on popular search engines in order to understand the scope of the problem and to identify the types of topics used by malware distributors. The most recent study was conducted over 153 days. The analysis reviews more than 157,000 trending topics and nearly 37 million search results. Overall, the research found that attackers have increased the amount of search engine malware as well as expanded targeted efforts beyond Google.

Key highlights from the search result analysis include:

• In June 2010, Google was crowned as “King” of malware, turning up more than twice the amount of malware as Bing, Twitter and Yahoo! combined when searches on popular trending topics were performed. As malware spread across the other search engines, the ratios were distributed more evenly by December 2010, with Google producing 38 percent of overall malware; Yahoo! at 30 percent; Bing at 24 percent and Twitter at eight percent.
• The amount of malware found daily across the search engines increased 55 percent from 145.7 in June 2010 to 226.3 in December 2010.
• One in five search topics lead to malware, while one in 1,000 search results lead to malware.
• The top 10 terms used by malware distributors include the name of a Jersey Shore actress, the president, the NFL and credit score.

The Dark Side of Twitter

Barracuda Labs analyzed more than 26 million Twitter accounts in order to measure and analyze account behavior. The analysis enabled researchers to model normal user behavior and identify features that are strong indicators of illegitimate account use.

Key highlights from the Twitter research include:

• In general, activity continues to increase on Twitter: more users are coming online; True Twitter Users are tweeting more often, and even casual users are becoming more active. As users become more active, the malicious activity also increases.
• The number of True Twitter Users increased to 43 percent, up from only 29 percent in June 2010.
• For every 100 Twitter users, 39 have between one and nine followers, while 50 percent of Twitter users have more than 10 followers.
• Approximately 79 percent of Twitter users tweet less than once per day.
• After decreasing at the end of 2009, the Twitter Crime Rate increased 20 percent from the first half of 2010 to the second half of 2010, going from 1.6 percent to 2 percent.
• Attackers are distributing malware and exploiting vulnerabilities to achieve their malicious goals.

You can view the complete report at Barracuda Labs 2010 Annual Security Report .

Profile Protector is available for download at http://profileprotector.com/