A recent survey conducted by an independent research firm for Norman ASA, a provider of content security and malware analysis solutions, revealed that IT leaders carry significant fears when it comes to the sophistication and volume of malware.
Of the IT leaders surveyed for the study, 58 percent said their biggest fear for 2012 was the growing number of malware threats. In addition to sheer volume, 62 percent of the survey’s participants said malware’s sophistication was growing at a faster rate than their analysis capabilities.
Darin Andersen, vice president and general manager for Norman’s North American division, commented on the problems plaguing IT teams: “It is widely recognized that the volume and sophistication of threats continues to grow dramatically, yet many organizations are only incrementally adding resources to better understand these threats. Analysis is a critical component of a comprehensive defense-in-depth strategy. Failure to maintain an updated understanding of these threats will leave networks increasingly vulnerable.”
In terms of malware for 2012, 65 percent said the volume of threats will increase by over 25 percent. Instead of keeping pace with the cybercriminals, however, only 45 percent said they expect their malware budgets to increase in 2012, and only 33 percent said they planned to add security analysts to their response teams. What’s worse is that only 17 percent of those surveyed admitted that they were detecting all of the malware targeting their companies.
Participants who stated plans to ramp up their security efforts in 2012 noted that it will not be an easy task. Approximately half said that it will not only be difficult to find capable malware analysts, but the time to provide the necessary training will also be limited. Facing such a human resources squeeze, 52 percent said they planned to enhance their in-house security setups with a commercial solution. A huge factor in the decision, according to 71 percent of the leaders, is to reduce the strain caused by in-house solutions that require costly management and maintenance.
While many plan to add commercial solutions to existing in-house solutions, 54 percent said they already operate under such a structure. Another interesting tidbit showed that adoption of commercial solutions (37 percent) by organizations outnumbers internal solutions (9 percent) by a wide margin.
As for what organizations must acquire from commercial solutions, Andersen said: “Because it will be difficult for analysis teams to handle the sheer volume of threats, the automated solutions IT teams purchase must feature scalability. The ability to simply add effective new appliances to a network as the number of threats increase will significantly help teams keep up with the growing threat of cyberattacks.”
For more on this topic, visit http://www.marketwatch.com/story/norman-security-opinion-survey-malware-response-teams-fear-2012-threats-will-grow-in-number-and-sophistication-faster-than-they-can-upgrade-analysis-capabilities-2012-03-14
Mobile Malware Spreading via Tweets
It’s no secret that cybercriminals love to use popular avenues to increase the presence of their schemes. The growth of social networking has given them an extremely useful vehicle to do so, and a specific target as of late has been Twitter. Just like Facebook, Twitter and its mobile users are being affected by malware, and a recent blog post by Symantec gave a closer glimpse into some of the tricks being detected.
Twitter and mobile devices seem like a match made in heaven. Users can keep up with friends while on the go, and the short nature of tweets makes them ideal for inputting on a mobile device. Symantec has noticed that tweets are being used to drive mobile users to websites infected with Android.Opfake malware. The tweets often come up when users employ Twitter to search for such topics as dieting, pornography, mobile devices, and software, just to name a few. The malicious tweets are often a mix of Russian and English and contain a shortened URL. Clicking on one of the URLs leads to sites engineered for the malicious Opfake application, where users are prompted to install it.
While the Opfake’s Twitter scheme is pretty straightforward, its variations make it more difficult to trace. Some of its Twitter profiles have common names, photos, and content, while others do not. Some tweet on occasion and have actual followers. Others tweet at a rapid pace and have zero followers. As for the volume of tweets, Symantec noted that approximately 100 accounts managed to send out 130,000 tweets over an eight hour span. The security firm reported its detections to Twitter, and the site responded by taking down the profiles. Still, you can bet that more are on the way.
To protect yourself from falling for such traps, Symantec recommends exercising common sense when on Twitter and around the Web. Do not click on suspicious links from unknown sources, but also be on the lookout for malicious links that could find their way into compromised accounts.
For more on this topic, visit http://www.symantec.com/connect/blogs/attempts-spread-mobile-malware-tweets
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
More Web Hosting News Articles
More By wubayou