Malware Bypasses Defenses with Ease

Friday, August 31, 2012 @ 03:08 PM gHale


Malware that can get around signature-based detection went up almost 400 percent in the past year, a new research report said.

Companies suffer an average of 643 successful infections a week, according to security firm FireEye’s latest Advanced Threat Report on cyber attacks that routinely bypass traditional defenses.
http://www2.fireeye.com/advanced-threat-report-1h2012.html


Traditional defenses include firewalls, intrusion prevention systems, antivirus, and other signature, reputation and basic behavior-based technologies.

The report, which covers the first half of the year, highlights the intensified danger of email-based attacks. Researchers saw 56 percent growth in email-based attacks from the first to the second quarter of 2012.

Malicious links saw wider use than malicious attachments in the last two months of the second quarter of 2012.

Another trend highlighted by the report is the increase in the use of dynamic, throw-away domains. Researchers saw a significant increase in dynamic links used five times or fewer.

Links used just once grew from 38 percent in the second half of 2011 to 46 percent in the first half of 2012.


Researchers reported that patterns of attack varied substantially by industry, differing among the financial services, energy/utilities, healthcare, and technology industries.

They did find that industries with significant intellectual property or customer and financial data remained the primary targets as attacks increased.

“The results of this report make it even more clear that reactive signature-based defenses cannot prevent evasive strains of malware from making their way into the enterprise,” said Ashar Aziz, FireEye founder and chief executive.

“Attackers continue to remain a step ahead of traditional defenses, so organizations must rethink their IT security architecture and implement appropriate security measures to prevent advanced cyber attacks such as Zero Day attacks and advanced persistent threats [APTs],” he said.

The report recommends that, as cyber criminals develop and invest in advanced malware, enterprises reinforce their traditional defenses with a new layer of dynamic security.

This additional layer of security should aim at detecting unknown threats in real time, thwarting malware communications back to command and control servers and blocking data exfiltration.


