Malware may be down, but the Internet remains dangerous: Websense

Security vendor also expects the Cloud to be a target for cyber criminals next year

Websense saw a decrease in particular kinds of malware in 2013, but A/NZ country manager, Gerry Tucker, warns that this does not mean “cyberspace is becoming safer.”

For one, Tucker points out that more complex and targeted cyber attacks are being carried out instead, particularlty as cyber criminals move away from high volume malware.

“This type of malware can become more easily detectable over time,” he said.

Instead, more direct attacks that are highly sophisticated are being employed by cyber criminals.

“These APTs [advance persistent threats] are increasingly stealthy in nature and once a foothold is secured, they will steal user credentials and move unilaterally throughout infiltrated networks,” he said.

“Not only are APTs harder to detect, they are also much more destructive to organisations that fall victim to these attacks.”

The weakest link

Tucker’s outlook for 2014 is a cautious one when it comes to the Cloud and all of the data going into it, which he said is making it a “more attractive target for cyber criminals.”

“They will find penetrating the data-rich Cloud can be easier and more profitable than getting past the ‘castle walls’ of on-premise enterprise networks,” he said.

Thus, third party Cloud providers are highlighted as potential targets for cyber attacks in 2014.

“Contractors, vendors, and other third-party members of the ‘data exchange chain’ will be seen as easy pickings,” Tucker said.

Reconnaissance conducted on professional social networks, such as LinkedIn, to gather intelligence on potential victims is also expected to be on the security radar next year.

Patrick Budmar covers consumer and enterprise technology breaking news for IDG Communications. Follow Patrick on Twitter at @patrick_budmar.

FILL IN THE SURVEY - AND YOU COULD BE A WINNER: ARN wants to hear from YOU. Tell us how you run a successful business and you could win an adrenaline-fuelled adventure of your choice. COMPLETE THE ARN SURVEY.

Tags securityCloudmalwarewebsense

More about IDGIDG CommunicationsIDG CommunicationsIDG CommunicationsWebsense

ARN Directory | Distributors relevant to this article

3 Comments

The other Bill Gates

1

So Websense poo poo the cloud because they don't have a solution to sell you for it?

DJ

2

Of course the cloud is a very attractive target. If you can crack the cloud at a low level then you have the potential of everything contained within it if you can fly below the radar for long enough. You can even be replicated to alternative data farms in other countries. The bad guys can even open their own cloud accounts to test with so they can be both on the inside & outside of the target. Remember also, if its your data farm, you have the option of flicking the switch if you want. If its a public cloud with thousands of customers, all with expensive QOS contracts etc its not so easy - take you a week just to get the lawyers to agree.

Jay

3

Another reason to use a bunch of different AV engines. I've seen organizatoins throw together 8-12 VM farms to run multiple AV's. Then we switched to OPSWAT that made it a more turnkey solution. But when trying to defend against a TARGETED ATTACK, one AV will not cut it. you need alot of AVs scanning with different types of Hueristics. Sanboxes don't hurt either.

Comments are now closed

 
Computerworld
CIO
Techworld
CMO

Latest News

04:44PM
FireEye highlights virtualisation and security opportunities in Sydney (+15 phot...
04:16PM
Vaya undercuts major telcos with launch of NBN plans
03:15PM
Meru Networks, Wavelink and Compulec deploy wireless solution at The Glennie Sch...
02:18PM
Security concerns remain for off-site backup and archiving: CommVault
More News
25 Aug
CA IT Leaders Forum ’14 Brisbane
26 Aug
CA Expo ’14 Sydney
26 Aug
Integrate 2014 Exhibition & Conference
27 Aug
BizTalk Summit 2014, Australia
View all events