The Latest in IT Security

What do Malware and Mosquitoes Have in Common? More than You Might Think.

20
Feb
2014

Like Mosquitoes, Malware is Everywhere and is a Formidable Adversary…

Malware seems to be everywhere and it’s incredibly challenging to combat. It can take many forms and is increasingly resistant to traditional approaches to detect and stop. Instead of relying on a single attack vector, malware will use whatever unprotected path exists to reach its target and accomplish its mission.

Mosquitoes are quite similar. There are thousands of species and numerous ways to try to protect against them but each method has its limitations. You can’t walk around completely covered, sound waves and fans have mixed results and, increasingly, mosquitoes are developing resistance to many pesticides. Mosquitoes only need a very small gap in coverage to attack. Depending on the species, a bite can have serious health implications unless quickly diagnosed and treated.

Malware is affecting more and more organizations every day. According to the 2013 Verizon Data Breach Investigation Report, of the top 20 types of threat actions last year, malware is the most common method used – at 10 – followed by hacking and social engineering. Increasingly, blended threats that combine several methods – for example, phishing, malware and hacking – are being used to introduce malware, embed the malware in networks, remain undetected for long periods of time and steal data or disrupt critical systems.

The evolving trends of mobility, cloud computing and collaboration are paving the way for new malware attacks we couldn’t have anticipated just a few years ago and that require new techniques to defend against. A growing attack vector, smartphones, tablets and other mobile devices have become essential business productivity tools. As their performance and roles in the workplace approach that of traditional desktop and laptop computers, it becomes even easier to design malware for them, and more fruitful. The increased use of mobile apps also creates opportunities for attackers. When users download mobile apps, they’re essentially putting a lightweight client on the endpoint and downloading code. Many users download mobile apps regularly without any thought to security, exposing the organization to greater risk.

Extending networks to include business partners and an increasing reliance on Internet service providers and hosting companies are prompting cybercriminals to harness the power of the Internet’s infrastructure, not just individual computers, to launch attacks. Websites hosted on compromised servers are now acting as both a redirector (the intermediary in the infection chain) and a malware repository.

Examples include:

•‘Watering hole’ attacks targeting specific industry-related websites to deliver malware

•Malware delivered to users legitimately browsing mainstream websites

• Spam emails that appear to be sent by well-known companies but contain links to malicious sites

• Third-party mobile applications laced with malware and downloaded from popular online marketplaces

Traditional defenses are no longer effective in helping organizations deal with today’s cybersecurity challenges including a greater attack surface, the growing proliferation and sophistication of attack models and increasing complexity with the network. Technologies to protect against threats must continue to evolve and become as pervasive as the attacks they are combatting. It’s more imperative than ever to find the right threat-centric security solutions that can work in your current environment and can easily adapt to meet the growing needs of your extended network, which now goes beyond the traditional perimeter to include endpoints, email and web gateways, mobile devices, virtual, data centers and the cloud.

When evaluating your approach to security in light of pervasive malware, seek out solutions that address these daunting challenges:

A greater attack surface. To deal with ever-expanding attack vectors, you need visibility across the extended network with contextual awareness. The more you can see, the more you can correlate seemingly benign events and apply intelligence to identify and stop threats, for example detecting zero-day ‘unknown’ malware that might enter through email or the web and taking action.

Growing proliferation and sophistication of attack models. Policies and controls are important to reduce the surface area of attack but threats still get through. A laser-focus on detecting and understanding threats after they have moved into the network or between endpoints is critical to stopping them and minimizing damage. With advanced malware and zero-day attacks this is an ongoing process that requires continuous analysis and real-time global threat intelligence that is shared across all products for improved efficacy.

Increasing complexity of the network. Networks aren’t going to get any simpler and neither will attacks. You can’t keep adding technologies without shared visibility or controls. To address mounting complexity while detecting and stopping modern threats, you need an integrated system of agile and open platforms that cover the network, devices and the cloud and enable centralized monitoring and management.

Like mosquitoes, malware is everywhere and is a formidable adversary. I don’t have great insights into what’s happening on the mosquito-fighting front. But I can say that the best minds in the cyber security industry are focused on the malware problem. Next week’s RSA Conference USA 2014 will be a great opportunity to start to assess the state of the industry and its progress in helping you deal with pervasive malware.

Tweet

Marc Solomon, Cisco’s VP of Security Marketing, has over 15 years of experience defining and managing software and software-as-a-service platforms for IT Operations and Security. He was previously responsible for the product strategy, roadmap, and leadership of Fiberlink’s MaaS360 on-demand IT Operations software and managed security services. Prior to Fiberlink, Marc was Director of Product Management at McAfee, responsible for leading a $650M product portfolio. Before McAfee, Marc held various senior roles at Everdream (acquired by Dell), Deloitte Consulting and HP. Marc has a Bachelor’s degree from the University of Maryland, and an MBA from Stanford University.Previous Columns by Marc Solomon:What do Malware and Mosquitoes Have in Common? More than You Might Think.The Open Source (R)evolution: From Great Technology to Greater IntelligenceFor Cyber Security Professionals, is the Concept of Control a Pipe Dream? A Cyber Security New Years Resolution: Simplify Security The Business Side of Cyber Security

sponsored links

Tags: INDUSTRY INSIGHTS

Malware

Comments are closed.

Categories

FRIDAY, MARCH 29, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments