In fact, "Java represented 91 percent of all Indicators of Compromise (IOCs) in 2013," says the report. This means Java exploits were the "final payload observed" in a huge majority of all attacks throughout the year.
"I was surprised to see that the Java IOC number was 91 percent," Levi Gundert, technical lead, Cisco Threat Research, Analysis, and Communications, added. "There were a number of Java zero days that were used in various attacks, but there were also a ton of well-known Java vulnerabilities that were packaged into various exploit packs."
Oracle, which runs Java after their acquisition of Sun Microsystems, has had to constantly update the software, including an update for 51 vulnerabilities just this week.
In the report, Cisco notes that Java exploits tend to work well for attackers because people do not patch their Java as regularly as they should. This is likely true since Java needs updates sometimes weekly. Exploits are also successful since Java is easily portable and works on nearly all operating systems. Business customers can not always patch as quickly as necessary, either, as patches could break functionality.
Additionally, the report notes that 99 percent of all mobile malware in 2013 targeted Android devices, unsurprisingly given its huge market share and open-source nature.
Read the full report here.
Written by: Andre Yoskowitz @ 20 Jan 2014 7:56