Trend Micro Reports Confirm the Arrival of the Post-PC Threat Era

      Trend Micro Reports Confirm the Arrival of the Post-PC Threat Era

Android-to-Windows Malware Growth Rate of 14-to-3 in Newly Released Security
Reports

*2012 Annual Security Roundup - Evolved Threats in a "Post-PC" World

*2012 Mobile Threat and Security Roundup - Repeating History

PR Newswire

CUPERTINO, Calif., Jan. 23, 2013

CUPERTINO, Calif., Jan. 23, 2013 /PRNewswire/ --With the release of its 2012
Annual Roundup and Mobile Security reports, Trend Micro documents how
cybercriminals have moved beyond the PC, targeting Android, social media and
even the Mac OS X with new attacks. Highlights from these reports include:

2012 Annual Security Roundup - Evolved Threats in a "Post-PC" World
Trend Micro's Annual Security Roundup shows that most of our predictions for
2012 have come true, and we encapsulate 2012 as the year where threats
launched the beginning of the "Post-PC" Era. Threats have now escalated past
the desktop environment.

  o2012 ended with 350,000 threats for Android as detected by Trend Micro.
    Malware growth reached 14-3 for Android versus PC, and it only took
    Android three years to achieve the PC volume of malware threats achieved
    within fourteen years. (1)
  o2012 is also the year that Java supplanted pure Windows-based threats in
    the attackers' cross-hairs leading, among other things, to the first
    widespread attack against the Mac. (2,3,4)
  oEnglish and Russian lead among the Top 10 Spam languages while India leads
    among the Top 10 Spam-Sending Countries.
  oSocial media platforms continued to grow as areas of concern with
    attackers targeting them more, users putting themselves at risk by
    oversharing on them, and their legitimate services being co-opted to
    support cybercriminal activities. (5,6,7)
  oEnterprises and organizations suffered from data breaches and targeted
    attacks at an alarming rate. In one incident alone, the Global Payments
    data breach, costs have already reached US$94 Million and are still
    climbing. Targeted attacks are being helped along by the "children of
    STUXNET": attack code and kits like Flame, Duqu and Gauss that are derived
    from the STUXNET attack three years ago. (7)
  o2012 was also the year of APTs such as Luckycat, Taidoor, IXESHE. (9)
  oAttackers adopted more professional software development practices rather
    than introducing new attacks. The Blackhole Exploit Kit (BHEK), Automatic
    Transfer Systems (ATSs) and Ransomware were all refined and improved with
    new features in ways that would make any commercial software vendor proud.
    (10,11,12,13)

2012 Mobile Threat and Security Roundup – Repeating History
Key to this report is Trend Micro's documentation of the growing mobile-threat
environment and reporting--Android Malware accomplishing in 3 years what PC
threats took 14 years to do. What is also concerning is that only 20% of
Android device owners use a security app. This is not a risk worth taking, as
by year end 2012 there were 350,000 threats facing this relatively new mobile
platform. Trend Micro predicts that Android threats will increase to 1 million
in 2013. (14,15,16)

Along with advice for users and IT professionals, readers will find:

  oNew data as it relates to Aggressive adware in mobile devices as well as
    data leakages that aren't always limited to malicious apps, since even
    popular and legitimate apps can disclose data.
  oNigeria tops the list of Top 10 countries at risk of downloading malicious
    apps.
  oIndia leads the list of Top 10 countries at risk of privacy exposure.
  oThailand cell phones suffer the most out of Top 10 Countries when it comes
    to the Most Battery-Draining Apps.

Overall, 2012 unfolded much like our Chief Technology Officer Raimund Genes
predicted (12 Security Predictions for 2012) particularly around post-PC
threats, and the sophistication and targeting of attacks. As he noted then
"Our hope that new OSs would make the world a safer place didn't work out."
2012 had shown that clearly to be the case. The post-PC malware era is here;
and it's already looking to be a more dangerous era with higher stakes.

Reports are available @

2012 Annual Security Roundup: Evolved Threats in a "Post-PC" World
http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/reports/rpt-evolved-threats-in-a-post-pc-world.pdf

2012 Mobile Threat and Security Roundup: Repeating History
http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/reports/rpt-repeating-history.pdf

Hi-res image files from each report are available from the following:
Annual Roundup:
http://about-threats.trendmicro.com/downloads/2012-annual-security-roundup-images.zip
Mobile Roundup:
http://about-threats.trendmicro.com/downloads/2012-annual-mobile-threat-and-security-roundup-images.zip

References:

1.http://www.av-test.org/en/statistics/malware/
2.http://blog.trendmicro.com/trendlabs-security-intelligence/java-runtime-environment-1-7-zero-day-exploit-delivers-backdoor/
3.http://arstechnica.com/apple/2012/10/apple-removes-java-from-all-os-x-web-browsers/
4.http://www.infoworld.com/d/security/java-7-update-10-allows-users-restrict-java-in-browsers-209423
5.http://blog.trendmicro.com/trendlabs-security-intelligence/infographic-public-or-private-the-risks-of-posting-in-social-networks/
6.http://blog.trendmicro.com/trendlabs-security-intelligence/privacy-worries-hound-facebook-yet-again/
7.http://blog.trendmicro.com/trendlabs-security-intelligence/the-dangers-of-posting-credit-cards-ids-on-instagram-and-twitter/
8.http://money.cnn.com/2012/04/02/technology/global-payments-breach/index.htm
9.http://blog.trendmicro.com/trendlabs-security-intelligence/defcon-2012-android-malware-in-luckycat-servers/
10.http://blog.trendmicro.com/trendlabs-security-intelligence/blackhole-2-0-beta-tests-in-the-wild/
11.http://blog.trendmicro.com/trendlabs-security-intelligence/java-zero-days-and-the-blackhole-exploit-kit/
12.http://blog.trendmicro.com/trendlabs-security-intelligence/java-zero-day-exploit-and-ruby-on-rails-vulnerabilities/
13.http://blog.trendmicro.com/trendlabs-security-intelligence/evolved-banking-fraud-malware-automatic-transfer-systems/
14.http://www.av-test.org
15.http://about-threats.trendmicro.com/us/mobilehub/mobilereview/rpt_mothly_mobile_review_201209_the_growing_problem_of_mobile_adware.pdf
16.http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/spotlight-articles/sp-trend-micro-predictions-for-2013-and-beyond.pdf

About Trend Micro
Trend Micro Incorporated (TYO: 4704; TSE: 4704), the global cloud security
leader, creates a world safe for exchanging digital information with its
Internet content security and threat management solutions for businesses and
consumers. A pioneer in server security with over 20 years' experience, we
deliver top-ranked client, server and cloud-based security that fits our
customers' and partners' needs, stops new threats faster, and protects data in
physical, virtualized and cloud environments. Powered by the industry-leading
Trend Micro™ Smart Protection Network™ global threat intelligence data mining
framework, our products and services stop threats where they emerge – from the
Internet. They are supported by 1,000+ threat intelligence experts around the
globe.

Additional information about Trend Micro Incorporated and the products and
services are available at Trend Micro.com. This Trend Micro news release and
other announcements are available at http://newsroom.trendmicro.com/ and as
part of an RSS feed at www.trendmicro.com/rss. Or follow our news on Twitter
at @TrendMicro.

SOURCE Trend Micro

Contact: Alan Wallace, Trend Micro, Senior Global PR Manager, +1-425-522-3180,
pr@trendmicro.com