Report Shows Rise Of Advanced, Intelligent Attacks
A common piece of advice is to keep applications updated, especially antivirus programs, to try to keep up with constantly evolving cyber threats. At Dark Reading, Tim Wilson reports on the recently released Websense 2014 Threat Report that finds advanced, targeted attacks are more prevalent than ever before. This means that relying on out of date malware definitions and failing to patch vulnerabilities quickly are more likely to cause users to become victims of an attack.
Websense reports preventing more than 4-billion attacks in 2013. Almost all of these attacks were intelligently designed to by-pass traditional security tools and pursue confidential data. The worry is that not only are the highly targeted, advanced attacks able to fool traditional security infrastructures, but attacks considered more common and able to affect users on a large scale are also using advanced tactics to avoid detection and prevention.
A common attack tactic is the use of malicious links, either on a website or included in an email. Clicking these links causes the download of malware, or directs users to phishing sites designed to steal log-in credentials or other important information. In 2013, 85-percent of these malicious links were found to be located on legitimate, trusted websites that had been compromised. This makes it exponentially more difficult to recognize and prevent this style of attack because the website being used isn’t designed as an attack site.
About one-third of all malicious executable files discovered in 2013 contained custom encryption of programs designed to remotely take control of a system or mine data from it.
There were also a reported 67-million exploit kits discovered throughout last year. An exploit kit is a way for developers with expertise to design an attack and sell it to others to be easily customized and launched at the target of their choosing. These kits make it easier for more criminals to launch an attack because it only takes money, rather than expertise.
The takeaway from the Websense report is that no user is safe. There are so many threats to your safety, you’re bound to run into one eventually. This report also speaks to the importance of being proactive in your security. Update and patch often and be looking for new ways to protect your network.
For help improving the security of your network at home or at the office, or for help recovering from an attack, call Geek Rescue at 918-369-4335.April 11th, 2014