Almost 17,000 malware alerts surface every week, the Ponemon Institute recently found.
Only 4 percent of alerts were investigated, and traditional antivirus products missed nearly 70 percent of malware in the first hour, researchers discovered in a recent Damballa study.
Rescanning led to identification of 66 percent of the malware in 24 hours and 72 percent after seven days. It took AV products more than six months to create signatures for 100 percent of the malware.
“Foreign-based operatives are attacking American assets, and the damage to U.S. interests is in the billions of dollars,” VASCO Data Security Vice President John Gunn told TechNewsWorld.
Toward Hell in a Handcart
Ahead on the cyberthreat landscape are more attacks on mobile devices; larger, more frequent and more complex DDoS attacks; increased targeting by hacktivists and nation states on critical infrastructure; and an increasing shift by hackers to poorly detected downloaders, according to Verisign.
“Hackers have already made the Internet their playground,” Incapsula CEO Marc Gaffan told TechNewsWorld. DDoS attacks, which are among the most widely used methods of taking down websites, increased 240 percent in 2014.
Phishing attacks are only going to become easier, because the level of technological knowledge needed to launch them is falling. Cybercriminals are building and selling phishing kits for between US$2 and $10, according to Symantec. Attackers are implementing techniques to block unwanted access to those kits so they can’t be detected.
Adding Mobile Fuel to the Cyberthreat Fire
The growing trend toward using mobile devices is adding to the havoc, because cybercriminals are getting better at attacking them. As organizations increasingly adopt the BYOD approach, they render themselves more vulnerable to attack.
The combination of “malicious attacks and mobile malware … with unpredictable user behavior, jailbreaking devices, and increased reliance on WiFi networks introduces new security challenges that require IT administrators to think outside the PC box,” Zimperium VP of Products Patrick Murray told TechNewsWorld.
Some of the largest corporate spending this year will be on enterprise mobility, Strategy Analytics predicted.
Pawing Feebly at the Problem
Most companies “are only investing in security to check the box,” remarked Ray Suarez, director of product management at Core Security.
“About 10 percent of the companies I talk to are serious about security and approaching it appropriately,” he told TechNewsWorld.
At large companies, there are “often only two or three people who are in charge of 50,000-plus assets, and … so they are totally reactive,” Suarez said.
“Defenders are being chased by a bullet train, so no matter how fast they’re moving, it’s probably not fast enough,” noted Damballa CTO Brian Foster.
“Attackers always have the first move [and] only need to be successful once. Meanwhile, defenders … must be successful 100 percent of the time,” he told TechNewsWorld.
Issues With the IoT
Things will get even worse as the Internet of Things becomes more widespread.
Right now, 50 percent of manufacturers surveyed by IDC and Flexera Software said they had developed intelligent devices, and another 21 percent planned to make their devices intelligent over the next two years.
If those plans come to fruition, we could see an astronomical increase in hacking incidents.
Do This if You Want to Live
Enterprises need to rethink how they approach security, suggested Damballa’s Foster.
“Instead of expending the majority of time and resources on prevention, security teams should assume they are compromised and work from that point forward,” he said.
Detection should be made paramount, Foster urged. “If you can detect the attacker before they exfiltrate data, you win.”
Yes, malware morphs rapidly, and yes, the majority of malware is missed the first time around, but “malware is just a file,” Foster pointed out. “The real risk occurs after a device is infected and establishes criminal communications.”
Rapid discovery and remediation can prevent damage, he maintained. Even if a network has been hacked, antifraud solutions might help.
One example is a device-based authentication service from Iovation. It checks the device used at every online transaction to authenticate that it belongs to the account holder.
Pairings can be reset on accounts to shut out access from stolen devices, Iovation VP of Product Scott Olson told TechNewsWorld.
Much more remains to be done in the face of ceaseless cyberattacks, however, and for the most part, we’re still groping our way in the dark.