Monday, March 12, 2012

2012 Blue Coat web security report reveals evolution of sophisticated cybercriminal infrastructure to deliver web attacks

DUBAI, UAE: Blue Coat Systems Inc. issued its Blue Coat 2012 Web Security Report that identifies and analyzes trends in malicious attacks over the past year and makes recommendations on strategies to keep companies safe. In 2011, the most significant evolution in the threat landscape was the use of malware networks, or malnets, to launch highly dynamic Web-based attacks.

These complex infrastructures, which outlast any one attack, drove a 240 percent increase in the number of malicious sites during the year and are expected to launch as many as two-thirds of all new attacks in 2012. The Blue Coat Security Labs team first discovered the existence of these malicious networks early in 2011 and presently is the only company to specifically identify, track and block them.

Malnets are distributed network infrastructures within the Internet that are built, managed and maintained by cybercriminals for the purpose of launching a variety of attacks against unsuspecting users over extended periods of time. The end game for malnets typically is either stealing personal information or transforming end-user systems into botnets. The Blue Coat 2012 Web Security Report details the strategies and tactics that malnet operators deploy to snare users and funnel them to dynamic malware payloads, or software which surreptitiously installs on users computers designed for malicious or criminal purposes.

"In 2011, the ease of buying, customizing and deploying malicious software kits, coupled with a faster rotation through domain names, drove a 240 percent increase in malicious sites," said Chris Larsen, senior malware researcher, Blue Coat Systems. “With the average business now facing 5,000 threats per month, identifying and tracking malnets to block attacks at the source before they are launched is the most effective protection. Blue Coat uniquely provides protection from malnet-launched attacks even before they happen.”

According to the report, the most common entry point into these malicious infrastructures rely on the path of least resistance, utilizing entry points that are easy to exploit, such as search engines/portals and email, or are utilized by large, diverse populations of users. Malnets have become so effective at launching attacks through search engines/portals that one in 142 searches leads to malicious links.

The 2012 Web Security Report examines the malnet ecosystem in depth, examining user behavior, malnet strategies and tactics, as well as highlighting the best defenses against these aggressive infrastructures. The report includes topics, such as:

* Most common content categories for intentionally or inadvertently hosting malware.
* Malvertising attacks that funnel users into malnets via malicious Web advertisements.
* Internet within an Internet that exists on social networking sites.
* Negative day defense as a protection against the dynamic nature of malnets.

It also explores how the existence of these malnets is driving broader changes in the threat landscape, including:

* The growing use of social networking to conduct trust and reputation-based attacks.
* A shift away from news-driven topics for search engine poisoning attacks.
* A significant increase in email attacks.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.