Menu
​Traditional defences “useless” as sophisticated cybercrime hits record high

​Traditional defences “useless” as sophisticated cybercrime hits record high

"We can only succeed by being more innovative than our criminal opponents.”

As cybercrime becomes more sophisticated and frequent across enterprise, almost 97 percent of malware has been revealed to be unique to a specific endpoint, rendering signature-based security virtually useless.

Data collected by Webroot, a provider of next-generation endpoint security and cloud-based collective threat intelligence, throughout 2015 shows in no uncertain terms that today’s threats are truly global and highly dynamic.

Many attacks are staged, delivered, and terminated within a matter of hours, or even minutes, having harvested user credentials and other sensitive information.

The report - Webroot Threat Brief - shows that countering these threats requires an innovative approach to attack detection that leverages advanced techniques and up-to-the-second threat intelligence.

“2015 was yet another record year for cybercrime, during which more malware, malicious IPs, websites, and mobile apps were discovered than in any previous year,” says Hal Lonas, CTO, Webroot.

“It comes as no surprise to those of us in the Internet security industry that the cybercrime ecosystem continues to thrive, given new innovations and little in the way of risk for those who choose to participate.

“The continued onslaught of hacks, breaches, and social engineering scams targeting individuals, businesses, and government agencies alike has caused many in the security field to ask if it’s truly possible to defend against a persistent attacker.

“We conclude that we can only succeed by being more innovative than our criminal opponents.”

Lonas says malware and potentially unwanted applications (PUAs) have become overwhelmingly polymorphic, with 97 percent of malware morphing to become unique to a specific endpoint device.

“By changing attributes to evade detection, polymorphic threats pose a major problem for traditional, signature-based security approaches, which often fail to discover singular variants,” Lonas adds.

Approximately 50 percent of Webroot users experienced a first contact with a zero-day phishing site, as compared to approximately 30 percent in 2014.

As Lonas reports, this data indicates that zero-day phishing attacks are becoming the hacker’s choice for stealing identities.

Technology companies, including Google, Apple and Facebook, were targeted by more than twice as many phishing sites as financial institutions, such as PayPal, Wells Fargo, and Bank of America.

“These tech companies are targeted because the same login credentials are often used to access many other websites, resulting in multiple compromised accounts with each phishing victim,” Lonas adds.

During the past twelve months, 100,000 net new malicious IP addresses were created per day in 2015, a significant increase from the 2014 average of 85,000 a day indicating cybercriminals rely less on the same list of IPs, and are expanding to new IPs to avoid detection.

In the second half of 2015, 52 percent of new and updated apps were unwanted or malicious - a significant increase over the first half of 2014, when only 21 percent were unwanted or malicious.

Plan of action?

With the various increases in polymorphism and other malware trends, Lonas believes it is more apparent than ever that organisations need to bolster their security posture with next-generation endpoint protection and real-time, highly accurate threat intelligence to protect themselves, their users, and their customers from cybercriminal activity.

“Dynamic intelligence enables them to set proactive policies to automatically protect networks, endpoints, and users as part of a defence-in-depth strategy,” Lonas adds.

For Lonas, this is especially necessary when security teams consider the threat landscape as a whole, in addition to conducting in-depth analysis on the threats targeting them.

“Furthermore, individuals need to be more vigilant than ever about the websites they visit, the URLs they follow, and the applications they download and use,” Lonas adds.


Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags Webrootsecuritycyber

Featured

Slideshows

Sizing up the NZ security spectrum - Where's the channel sweet spot?

Sizing up the NZ security spectrum - Where's the channel sweet spot?

From new extortion schemes, outside threats and rising cyber attacks, the art of securing the enterprise has seldom been so complex or challenging. With distance no longer a viable defence, Kiwi businesses are fighting to stay ahead of the security curve. In total, 28 per cent of local businesses faced a cyber attack last year, with the number in New Zealand set to rise in 2017. Yet amidst the sensationalism, media headlines and ongoing high profile breaches, confusion floods the channel, as partners seek strategic methods to combat rising sophistication from attackers. In sizing up the security spectrum, this Reseller News roundtable - in association with F5 Networks, Kaspersky Lab, Tech Data, Sophos and SonicWall - assessed where the channel sweet spot is within the New Zealand channel. Photos by Maria Stefina.

Sizing up the NZ security spectrum - Where's the channel sweet spot?
Kiwi channel comes together for another round of After Hours

Kiwi channel comes together for another round of After Hours

The channel came together for another round of After Hours, with a bumper crowd of distributors, vendors and partners descending on The Jefferson in Auckland. Photos by Maria Stefina.​

Kiwi channel comes together for another round of After Hours
Consegna comes to town with AWS cloud offerings launch in Auckland

Consegna comes to town with AWS cloud offerings launch in Auckland

Emerging start-up Consegna has officially launched its cloud offerings in the New Zealand market, through a kick-off event held at Seafarers Building in Auckland.​ Founded in June 2016, the Auckland-based business is backed by AWS and supported by a global team of cloud specialists, leveraging global managed services partnerships with Rackspace locally.

Consegna comes to town with AWS cloud offerings launch in Auckland
Show Comments