Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

What do Malware and Mosquitoes Have in Common? More than You Might Think.

Like Mosquitoes, Malware is Everywhere and is a Formidable Adversary… 

Like Mosquitoes, Malware is Everywhere and is a Formidable Adversary… 

Malware seems to be everywhere and it’s incredibly challenging to combat. It can take many forms and is increasingly resistant to traditional approaches to detect and stop. Instead of relying on a single attack vector, malware will use whatever unprotected path exists to reach its target and accomplish its mission.

Mosquitoes are quite similar. There are thousands of species and numerous ways to try to protect against them but each method has its limitations. You can’t walk around completely covered, sound waves and fans have mixed results and, increasingly, mosquitoes are developing resistance to many pesticides. Mosquitoes only need a very small gap in coverage to attack. Depending on the species, a bite can have serious health implications unless quickly diagnosed and treated.

Combating MalwareMalware is affecting more and more organizations every day. According to the 2013 Verizon Data Breach Investigation Report, of the top 20 types of threat actions last year, malware is the most common method used – at 10 – followed by hacking and social engineering. Increasingly, blended threats that combine several methods – for example, phishing, malware and hacking – are being used to introduce malware, embed the malware in networks, remain undetected for long periods of time and steal data or disrupt critical systems.

The evolving trends of mobility, cloud computing and collaboration are paving the way for new malware attacks we couldn’t have anticipated just a few years ago and that require new techniques to defend against. A growing attack vector, smartphones, tablets and other mobile devices have become essential business productivity tools. As their performance and roles in the workplace approach that of traditional desktop and laptop computers, it becomes even easier to design malware for them, and more fruitful. The increased use of mobile apps also creates opportunities for attackers. When users download mobile apps, they’re essentially putting a lightweight client on the endpoint and downloading code. Many users download mobile apps regularly without any thought to security, exposing the organization to greater risk.

Extending networks to include business partners and an increasing reliance on Internet service providers and hosting companies are prompting cybercriminals to harness the power of the Internet’s infrastructure, not just individual computers, to launch attacks. Websites hosted on compromised servers are now acting as both a redirector (the intermediary in the infection chain) and a malware repository.

Examples include:

• ‘Watering hole’ attacks targeting specific industry-related websites to deliver malware

• Malware delivered to users legitimately browsing mainstream websites

• Spam emails that appear to be sent by well-known companies but contain links to malicious sites

• Third-party mobile applications laced with malware and downloaded from popular online marketplaces

Traditional defenses are no longer effective in helping organizations deal with today’s cybersecurity challenges including a greater attack surface, the growing proliferation and sophistication of attack models and increasing complexity with the network. Technologies to protect against threats must continue to evolve and become as pervasive as the attacks they are combatting. It’s more imperative than ever to find the right threat-centric security solutions that can work in your current environment and can easily adapt to meet the growing needs of your extended network, which now goes beyond the traditional perimeter to include endpoints, email and web gateways, mobile devices, virtual, data centers and the cloud.

When evaluating your approach to security in light of pervasive malware, seek out solutions that address these daunting challenges:

A greater attack surface. To deal with ever-expanding attack vectors, you need visibility across the extended network with contextual awareness. The more you can see, the more you can correlate seemingly benign events and apply intelligence to identify and stop threats, for example detecting zero-day ‘unknown’ malware that might enter through email or the web and taking action.

Growing proliferation and sophistication of attack models. Policies and controls are important to reduce the surface area of attack but threats still get through. A laser-focus on detecting and understanding threats after they have moved into the network or between endpoints is critical to stopping them and minimizing damage. With advanced malware and zero-day attacks this is an ongoing process that requires continuous analysis and real-time global threat intelligence that is shared across all products for improved efficacy.

Increasing complexity of the network. Networks aren’t going to get any simpler and neither will attacks. You can’t keep adding technologies without shared visibility or controls. To address mounting complexity while detecting and stopping modern threats, you need an integrated system of agile and open platforms that cover the network, devices and the cloud and enable centralized monitoring and management.

Like mosquitoes, malware is everywhere and is a formidable adversary. I don’t have great insights into what’s happening on the mosquito-fighting front. But I can say that the best minds in the cyber security industry are focused on the malware problem. Next week’s RSA Conference USA 2014 will be a great opportunity to start to assess the state of the industry and its progress in helping you deal with pervasive malware. 

Written By

Marc Solomon is Chief Marketing Officer at ThreatQuotient. He has a strong track record driving growth and building teams for fast growing security companies, resulting in several successful liquidity events. Prior to ThreatQuotient he served as VP of Security Marketing for Cisco following its $2.7 billion acquisition of Sourcefire. While at Sourcefire, Marc served as CMO and SVP of Products. He has also held leadership positions at Fiberlink MaaS360 (acquired by IBM), McAfee (acquired by Intel), Everdream (acquired by Dell), Deloitte Consulting and HP. Marc also serves as an Advisor to a number of technology companies, including Valtix.

Click to comment

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Malware & Threats

Norway‎-based DNV said a ransomware attack on its ship management software impacted 1,000 vessels.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Malware & Threats

Cybercrime in 2017 was a tumultuous year "full of twists and turns", with new (but old) infection methods, a major return to social engineering,...

Malware & Threats

Fortinet warned of three malicious PyPI packages containing code that fetches the Wacatac trojan and information stealer.

Cybercrime

The recent ransomware attack targeting Rackspace was conducted by a cybercrime group named Play using a new exploitation method, the cloud company revealed this...