Malware may be down, but the Internet remains dangerous: Websense

Security vendor also expects the Cloud to be a target for cyber criminals next year

Websense saw a decrease in particular kinds of malware in 2013, but A/NZ country manager, Gerry Tucker, warns that this does not mean “cyberspace is becoming safer.”

For one, Tucker points out that more complex and targeted cyber attacks are being carried out instead, particularlty as cyber criminals move away from high volume malware.

“This type of malware can become more easily detectable over time,” he said.

Instead, more direct attacks that are highly sophisticated are being employed by cyber criminals.

“These APTs [advance persistent threats] are increasingly stealthy in nature and once a foothold is secured, they will steal user credentials and move unilaterally throughout infiltrated networks,” he said.

“Not only are APTs harder to detect, they are also much more destructive to organisations that fall victim to these attacks.”

The weakest link

Tucker’s outlook for 2014 is a cautious one when it comes to the Cloud and all of the data going into it, which he said is making it a “more attractive target for cyber criminals.”

“They will find penetrating the data-rich Cloud can be easier and more profitable than getting past the ‘castle walls’ of on-premise enterprise networks,” he said.

Thus, third party Cloud providers are highlighted as potential targets for cyber attacks in 2014.

“Contractors, vendors, and other third-party members of the ‘data exchange chain’ will be seen as easy pickings,” Tucker said.

Reconnaissance conducted on professional social networks, such as LinkedIn, to gather intelligence on potential victims is also expected to be on the security radar next year.

Patrick Budmar covers consumer and enterprise technology breaking news for IDG Communications. Follow Patrick on Twitter at @patrick_budmar.

2014 ARN Women in ICT Awards - Nominations close October 27!: Nominations have opened for WIICTA 2014 and will stay open until October 27. But don't be late, be among the first in and NOMINATE NOW!!!

Tags securityCloudmalwarewebsense

More about IDGIDG CommunicationsIDG CommunicationsIDG CommunicationsWebsense

ARN Directory | Distributors relevant to this article

3 Comments

The other Bill Gates

1

So Websense poo poo the cloud because they don't have a solution to sell you for it?

DJ

2

Of course the cloud is a very attractive target. If you can crack the cloud at a low level then you have the potential of everything contained within it if you can fly below the radar for long enough. You can even be replicated to alternative data farms in other countries. The bad guys can even open their own cloud accounts to test with so they can be both on the inside & outside of the target. Remember also, if its your data farm, you have the option of flicking the switch if you want. If its a public cloud with thousands of customers, all with expensive QOS contracts etc its not so easy - take you a week just to get the lawyers to agree.

Jay

3

Another reason to use a bunch of different AV engines. I've seen organizatoins throw together 8-12 VM farms to run multiple AV's. Then we switched to OPSWAT that made it a more turnkey solution. But when trying to defend against a TARGETED ATTACK, one AV will not cut it. you need alot of AVs scanning with different types of Hueristics. Sanboxes don't hurt either.

Comments are now closed

 

Latest News

12:14PM
McAfee targets SMB with new security suites
10:38AM
DataCore inks multi-year Transdev contract
10:08AM
HP launches Store Virtual Hyper-Converged Appliance
09:29AM
AVG partners Centrify in secure mobility play
More News
23 Oct
NewLease & Microsoft Technical Sessions
23 Oct
NewLease & Red Hat Breakfast Briefing (Sydney)
29 Oct
NewLease & Microsoft Technical Sessions
30 Oct
Ovum 2020 Telecoms Summit
View all events