Thursday, 17 May 2012
2012 the year of malware evolution
2012 the year of malware evolution
By Joan Goodchild, Senior Editor, CSO | Dec 21, 2011
0 comments
Digg
PrintSmart devices, social media and increased online activity through app stores and other transaction-based websites are coming together in what one researcher says is a scary combination of factors that have dire implications for national security.
Roger Thompson, recently hired by ICSA Labs, an independent division of Verizon, as the company's first chief emerging threats researcher, says it's time for traditional security measures to move forward in a new direction. Malware has exploded to levels that antivirus software can no longer keep pace with, he said. The tactics criminals use to exploit machines is becoming ever more targeted, with social networks and smartphones to aid them in their background research on victims.
How should the industry respond? Thompson spoke with CSO about thoughts for 2012 and further when it comes to malware, and what needs to change in the fight against it.
You've mentioned that think malware lives in "ages." What is the current age of malware today, as you see it?
This most recent age is the web-attack age. It started in 2005 when things started shifting over to the web-based attacks, exploits and drive-by downloads. That's still going on and we are in an age where there's a lot of money to be made and everyone understands that. Criminals are well organized and opportunistic, and they are mostly attacking us via the web. If it were a baseball game, I would say we are in about the fourth inning. This is going to continue for some time.
But I think we are poised to enter a new age, an age of cyber war. I'm fairly confident. For example, look at the Stuxnet worm. No one knows who really did it and no one knows who the target really was, although we can all speculate. But what we may be confident of after discovering Stuxnet is that any country not thinking along the lines of cyber war before, now is.
Similar
Add comment
knowledge_central_tab
Knowledge Central
Trusted Mobility Index
The mobile ecosystem of devices, services and networks is at a critical inflection point.While the mobile revolution is unleashing massive opportunities in both emerging and mature economies, it is also increasing in complexity and confusion. The reality is the lightning-fast adoption of powerful, smart devices is outpacing society’s ability to secure them. Today, trust in mobility hangs in the balance.
The state of the Internet, Q4, 2011
Geography appears to play a role in frequency of observed attacks on specific ports. For example, Port 23 (Telnet) is a favorite target for attacks observed to be originating from South Korea and Turkey, where it accounted for more than five times the number of attacks targeting the next most popular port (445 in both countries). Other instances of geography-based port targeting include observed attacks centered on Port 1433 (Microsoft SQL Server) in China and on Port 80 (WWW/HTTP) in Indonesia.
HID Global deploys a centralized, web-based IP access control solution at Fuxi Power Plant
Unable to meet the needs for real-time monitoring with its traditional patrol system, China's Fuxi Power Plant has deployed HID Global's VertX V2000.
StubHub: How to spot fraud before it happens
Whenever a list of log-on credentials is dumped onto the Web, retailers get hit with waves of automated attacks. Here's how ticket marketplace StubHub fights the threat.
