Cisco report: Java and Android are hives of malware

Elliot Bentley

Last year, 91% of all web exploits used Java, while 99% of all mobile malware targeted Android devices.

An annual security report from Cisco points the finger at Java and Android as being the two biggest risk factors in enterprise security.

Java applets were the attack vector of 91% of all web exploits last year, according to the report, more than Adobe Reader and Flash combines.

Elsewhere, mobile malware is a small but growing issue – for Android users at least, whom 99% of mobile malware targeted last year.

Considering the slow update process, it may come as little surprise to some that 76% of the companies surveyed by Cisco were still running Java 6. Most of these companies also run Java 7, but maintain the older version for compatibility legacy applications –  despite the fact that Oracle stopped providing free security updates for it last year.

This slow upgrade process and the overall popularity of Java means that it is “an attack surface that is too big for criminals to ignore”.

The good news from the report is that global spam volume is decreasing, even though the level of “maliciously intended” spam remains at the same level.

However, malware writers are instead turning their attention to high-value targets such as web hosting servers, nameservers, and data centers. The authors say this “suggests the forming of überbots that seek high-reputation and resource-rich assets”.

There has also been a significant change in targets, with electronics manufacturing and the agriculture and mining industries are being picked out specifically.

In both desktop and mobile security, then, 2013 was not a good year for Java. The report concludes: “If security professionals who have limited time to fight web exploits decide to focus most of their attention on Java, they’ll be putting their resources in the right place.”

Photo by DirectDish.

Inline Feedbacks
View all comments