Malware may be down, but the Internet remains dangerous: Websense

Security vendor also expects the Cloud to be a target for cyber criminals next year

Websense saw a decrease in particular kinds of malware in 2013, but A/NZ country manager, Gerry Tucker, warns that this does not mean “cyberspace is becoming safer.”

For one, Tucker points out that more complex and targeted cyber attacks are being carried out instead, particularlty as cyber criminals move away from high volume malware.

“This type of malware can become more easily detectable over time,” he said.

Instead, more direct attacks that are highly sophisticated are being employed by cyber criminals.

“These APTs [advance persistent threats] are increasingly stealthy in nature and once a foothold is secured, they will steal user credentials and move unilaterally throughout infiltrated networks,” he said.

“Not only are APTs harder to detect, they are also much more destructive to organisations that fall victim to these attacks.”

The weakest link

Tucker’s outlook for 2014 is a cautious one when it comes to the Cloud and all of the data going into it, which he said is making it a “more attractive target for cyber criminals.”

“They will find penetrating the data-rich Cloud can be easier and more profitable than getting past the ‘castle walls’ of on-premise enterprise networks,” he said.

Thus, third party Cloud providers are highlighted as potential targets for cyber attacks in 2014.

“Contractors, vendors, and other third-party members of the ‘data exchange chain’ will be seen as easy pickings,” Tucker said.

Reconnaissance conducted on professional social networks, such as LinkedIn, to gather intelligence on potential victims is also expected to be on the security radar next year.

Patrick Budmar covers consumer and enterprise technology breaking news for IDG Communications. Follow Patrick on Twitter at @patrick_budmar.

Tags securityCloudmalwarewebsense

More about IDGIDG CommunicationsIDG CommunicationsIDG CommunicationsWebsense

ARN Directory | Distributors relevant to this article


The other Bill Gates


So Websense poo poo the cloud because they don't have a solution to sell you for it?



Of course the cloud is a very attractive target. If you can crack the cloud at a low level then you have the potential of everything contained within it if you can fly below the radar for long enough. You can even be replicated to alternative data farms in other countries. The bad guys can even open their own cloud accounts to test with so they can be both on the inside & outside of the target. Remember also, if its your data farm, you have the option of flicking the switch if you want. If its a public cloud with thousands of customers, all with expensive QOS contracts etc its not so easy - take you a week just to get the lawyers to agree.



Another reason to use a bunch of different AV engines. I've seen organizatoins throw together 8-12 VM farms to run multiple AV's. Then we switched to OPSWAT that made it a more turnkey solution. But when trying to defend against a TARGETED ATTACK, one AV will not cut it. you need alot of AVs scanning with different types of Hueristics. Sanboxes don't hurt either.

Comments are now closed


Latest News

Nov 21
Tech Mahindra acquires Lightbridge Communications for $240 million
Nov 21
Data#3 predicts "solid" growth in first half
Nov 21
Spanning partners with Fronde
Nov 21
Simon Hackett joins Redflow
More News
25 Nov
GovInnovate Summit
03 Dec
DC Infrastructure Solutions Professional
04 Dec
DC Infrastructure Delivery Professional
16 Dec
DC Infrastructure Solutions Professional
View all events