Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

What do Malware and Mosquitoes Have in Common? More than You Might Think.

Like Mosquitoes, Malware is Everywhere and is a Formidable Adversary… 

Like Mosquitoes, Malware is Everywhere and is a Formidable Adversary… 

Malware seems to be everywhere and it’s incredibly challenging to combat. It can take many forms and is increasingly resistant to traditional approaches to detect and stop. Instead of relying on a single attack vector, malware will use whatever unprotected path exists to reach its target and accomplish its mission.

Mosquitoes are quite similar. There are thousands of species and numerous ways to try to protect against them but each method has its limitations. You can’t walk around completely covered, sound waves and fans have mixed results and, increasingly, mosquitoes are developing resistance to many pesticides. Mosquitoes only need a very small gap in coverage to attack. Depending on the species, a bite can have serious health implications unless quickly diagnosed and treated.

Combating MalwareMalware is affecting more and more organizations every day. According to the 2013 Verizon Data Breach Investigation Report, of the top 20 types of threat actions last year, malware is the most common method used – at 10 – followed by hacking and social engineering. Increasingly, blended threats that combine several methods – for example, phishing, malware and hacking – are being used to introduce malware, embed the malware in networks, remain undetected for long periods of time and steal data or disrupt critical systems.

The evolving trends of mobility, cloud computing and collaboration are paving the way for new malware attacks we couldn’t have anticipated just a few years ago and that require new techniques to defend against. A growing attack vector, smartphones, tablets and other mobile devices have become essential business productivity tools. As their performance and roles in the workplace approach that of traditional desktop and laptop computers, it becomes even easier to design malware for them, and more fruitful. The increased use of mobile apps also creates opportunities for attackers. When users download mobile apps, they’re essentially putting a lightweight client on the endpoint and downloading code. Many users download mobile apps regularly without any thought to security, exposing the organization to greater risk.

Extending networks to include business partners and an increasing reliance on Internet service providers and hosting companies are prompting cybercriminals to harness the power of the Internet’s infrastructure, not just individual computers, to launch attacks. Websites hosted on compromised servers are now acting as both a redirector (the intermediary in the infection chain) and a malware repository.

Examples include:

• ‘Watering hole’ attacks targeting specific industry-related websites to deliver malware

• Malware delivered to users legitimately browsing mainstream websites

Advertisement. Scroll to continue reading.

• Spam emails that appear to be sent by well-known companies but contain links to malicious sites

• Third-party mobile applications laced with malware and downloaded from popular online marketplaces

Traditional defenses are no longer effective in helping organizations deal with today’s cybersecurity challenges including a greater attack surface, the growing proliferation and sophistication of attack models and increasing complexity with the network. Technologies to protect against threats must continue to evolve and become as pervasive as the attacks they are combatting. It’s more imperative than ever to find the right threat-centric security solutions that can work in your current environment and can easily adapt to meet the growing needs of your extended network, which now goes beyond the traditional perimeter to include endpoints, email and web gateways, mobile devices, virtual, data centers and the cloud.

When evaluating your approach to security in light of pervasive malware, seek out solutions that address these daunting challenges:

A greater attack surface. To deal with ever-expanding attack vectors, you need visibility across the extended network with contextual awareness. The more you can see, the more you can correlate seemingly benign events and apply intelligence to identify and stop threats, for example detecting zero-day ‘unknown’ malware that might enter through email or the web and taking action.

Growing proliferation and sophistication of attack models. Policies and controls are important to reduce the surface area of attack but threats still get through. A laser-focus on detecting and understanding threats after they have moved into the network or between endpoints is critical to stopping them and minimizing damage. With advanced malware and zero-day attacks this is an ongoing process that requires continuous analysis and real-time global threat intelligence that is shared across all products for improved efficacy.

Increasing complexity of the network. Networks aren’t going to get any simpler and neither will attacks. You can’t keep adding technologies without shared visibility or controls. To address mounting complexity while detecting and stopping modern threats, you need an integrated system of agile and open platforms that cover the network, devices and the cloud and enable centralized monitoring and management.

Like mosquitoes, malware is everywhere and is a formidable adversary. I don’t have great insights into what’s happening on the mosquito-fighting front. But I can say that the best minds in the cyber security industry are focused on the malware problem. Next week’s RSA Conference USA 2014 will be a great opportunity to start to assess the state of the industry and its progress in helping you deal with pervasive malware. 

Written By

Marc Solomon is Chief Marketing Officer at ThreatQuotient. He has a strong track record driving growth and building teams for fast growing security companies, resulting in several successful liquidity events. Prior to ThreatQuotient he served as VP of Security Marketing for Cisco following its $2.7 billion acquisition of Sourcefire. While at Sourcefire, Marc served as CMO and SVP of Products. He has also held leadership positions at Fiberlink MaaS360 (acquired by IBM), McAfee (acquired by Intel), Everdream (acquired by Dell), Deloitte Consulting and HP. Marc also serves as an Advisor to a number of technology companies.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cyberwarfare

An engineer recruited by intelligence services reportedly used a water pump to deliver Stuxnet, which reportedly cost $1-2 billion to develop.

Malware & Threats

Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.