ISS 317 Top Security Threats The report provided highlights dramatic increases in targeted attacks on enterprises, the continued growth of social networking sites that can be used as an attack distribution platform; and a profound change in attackers’ infection techniques which increasingly target vulnerabilities in Java to break into traditional computer systems. The report also explores how attackers are exhibiting a significant shift in focus toward growing mobile device platforms. Symantec noted over 3 billion malware attacks in 2010 with Stuxnet being the most notable trend. The attacks in this 2010 report there were the following five recurring themes. These themes are Targeted attacks, Social Networks, Zero-day vulnerabilities, rootkits, and Mobile Threats. Targeted attacks, such as Hydraq and Stuxnet, posed a growing threat to enterprises in 2010. To increase the likelihood of successful, undetected infiltration into the enterprise, an increasing number of these targeted attacks leveraged zero-day vulnerabilities to break into computer systems. Stuxnet and Hydraq teach future attackers that the easiest vulnerability to exploit is our trust of friends and colleagues. Stuxnet could not have breached its target without someone being given trusted access with a USB key. Meanwhile, Hydraq would not have been successful without convincing users that the links and attachments they received in an email were from a trusted source. Social network platforms continue to grow in popularity and this popularity has not surprisingly attracted a large volume of malware and attack potentials. One of the primary attack techniques used on social networking sites involved the use of shortened URLs. Under typical, legitimate, circumstances, these abbreviated URLs are used to efficiently share a link in an email or on a web page to an otherwise complicated web address. But the use of these shortened URLs, the report found that attackers used the news-feed capabilities provided by popular social networking sites to mass-distribute attacks. Typically an attacker logs into a compromised social networking account and posts a shortened link to a malicious website in the victim’s status area which then spreads out to contacts and their contacts etc. Once infiltration occurs at an organization, the targeted attack tries to avoid detection until its objective is met. Then exploiting zero-day vulnerabilities is one part of keeping an attack stealthy since these vulnerabilities enable the attackers to get malicious applications installed on a computer without the user’s knowledge. Zero-day vulnerabilities become everyday vulnerabilities via attack kits with some of the vulnerabilities used on Stuxnet as well as the other 6,253 new vulnerabilities discovered in 2010. Also these attack kit, or also known as attack toolkits, software programs that can be used by novices and experts alike to facilitate the launch of widespread attacks on networked computers, continued to see widespread use. These kits increasingly target vulnerabilities in the popular Java system, which accounted for 17 percent of all vulnerabilities affecting browser plug-ins in 2010. As a popular cross-browser,