Featured Article from Cloud Security

Enterprise Escalations Required in War on Malware

February 08, 2016

The fight against malware is more critical to enterprise security than ever, and the targets of attacks are becoming increasingly specific. The challenge is simple. When it comes to the enterprise, the targeted devices are typically connected to computer networks, in private data centers as well as in the cloud or, increasingly, in hybrid environments that hold some degree of privileged information. In short, they make very desirable targets for cybercriminal organizations.

Fighting back against the most advanced types of malware requires increasingly sophisticated approaches and tools. This escalated need for defense is highlighted in a new research report by ThreatTrack Security, which specializes in helping organizations identify and stop Advanced Persistent Threats (APTs). The latest report is based on an independent blind survey of 207 IT managers who are security professionals, conducted by Opinion Matters on behalf of ThreatTrack Security in December 2015. It indicates a number of factors and challenges that make the need for advanced tools so great. Among those are the technical challenges, the complexity of emerging malware, the volume of malware, the amount of time it takes to analyze new malware samples, and the importance of security measures in the modern enterprise.

Digging deeper, the report shows that 56 percent of respondents cited the complexity of malware as the most difficult technical challenge in the defense of networks. Close behind, 47 percent of respondents pointed to the overall volume of malware as a challenging issue. Some figures were tied to cultural aspects and awareness, as seen in the improved incident rates due to executives visiting pornographic websites or lending company-owned devices to family members.

Source:  ThreatTrack Security study, February 2016                      

While the good news is that anti-malware technologies are in use by an overwhelming majority of businesses in the United States, the responses indicate that the element of organizational protection is not a standard part of the common anti-malware platforms. In addition, it is noted that those with malicious intent are getting more sophisticated. As we all know, malware attacks have been found at the heart of several high-profile data breaches where privileged information was stolen. In many cases, the malware used can be found in the underground market and is evolving rapidly, with new versions emerging on a daily basis. This is a ploy that helps sophisticated malware avoid detection, rendering signature-based preventative techniques essentially useless.

The rapidly-evolving malware landscape and the specter of its threats are causing a significant impact on business. As the report shows, only 20 percent of security practitioners felt the challenge in the last year had gotten any easier.

The ThreatTrack Security report also suggests that anti-malware security measures used by enterprises are not doing enough to prevent data leakage. Whether robust enterprise tools are insufficient, haven’t penetrated the market well, or have not done a good job of getting the word out, there is an apparent large opportunity for security solutions providers. 

A big component in this protection gap is the diversity of devices that have made their way into the workplace and connect to all variety of servers, including clouds of all types. Alarmingly, but not surprisingly, mobile device malware is beginning to make its own presence felt in the overall threat matrix. In addition, the average worker can now be found using a variety of devices to connect to company information, which makes the challenge even greater.

In recent years, a variety of tools have emerged to deal with this rising issue, among them intelligent security log response systems, endpoint security control measures, and centralized anti-malware management suites.

The conclusions drawn from the survey by ThreatTrack Security are worth noting:

Too many organizations still need to refine their malware-fighting strategies, which is evident from the very modest gains over the last two years in their readiness to fight cybercrime. Although security analysts say they have the tools they need, it's clear malware analysis remains too slow and, as such, increases the risk of infection and breach.

Organizations need to invest in purpose-built malware analysis solutions that dramatically speed up analysis. The hours they currently spend on analysis can make the difference between a small, quickly contained breach and a widespread infection resulting in the kind of spectacular, headline-grabbing security incident that has occurred too often in the recent past.

The last point is well taken. As has been the case in many of the latest high-profile data breaches, it has taken weeks if not months for companies to even notice they have been under attack. Having the tools to provide the visibility needed in as close to real time as possible is not just a means of responding more quickly; it is also the way to avoid highly visible, costly and potentially brand-destroying incidents. Hence, having the tools and certified experts using them can dramatically cut an organization’s risk exposure. Given that every second counts, the advice to invest in purpose-built malware analysis solutions is as much a call to action as it is a recommendation stemming from the responses of those on the front lines battling the bad guys.

Edited by Peter Bernstein
