Malware

Looking beyond anti-virus to limit costs, attacks

As more than two million new malware signatures are identified each month, and more organizations are falling prey to zero-day attacks, traditional anti-virus (AV) simply can't keep up in the malware arms race.

If your organization is anything like the companies we've been speaking with, then you know firsthand the headache and ongoing challenge that the rising cost of malware has created. 

In fact, 48 percent of organizations recently reported an increase in their IT operating expenses, according to the 2010 Ponemon Institute study commissioned by Lumension. Fifty percent of them said the main driver was an increase in malware.

So, what constitutes this ever-growing price tag?

  1. The cost of deploying, managing and updating AV software.
  2. The performance impact on computer servers and networks running AV, which has to monitor a growing amount of network traffic and malware signatures.
  3. There also is the cost for help desk calls and time spent cleaning up and reimaging employee laptops and other infected endpoints.
  4. Then there is the cost of lost data – from individual files to entire disk drives to entire databases. And today's increasingly sophisticated attacks are targeting sensitive and proprietary data, such as personal information and intellectual property.
  5. Finally is the cost of network downtime and the resulting loss in productivity. IT loses productivity when addressing problems caused by malware, rather than focusing on more strategic activities.

It makes you wonder: While malware continues to grow at an exponential rate, and hackers continue to become uniquely sophisticated in their attacks, how can anyone stay safe and ahead of the security game? 

While AV is a still a relevant technology within endpoint security and one that should be used consistently to help manage fast-spreading and widely known malware, relying on AV as your primary defense against malware is wholly ineffective.

Clearly AV is necessary but not sufficient as a standalone defense. There are simply too many attacks, vulnerabilities and connections for AV to remain the efficient safeguard it once was. 

With traditional AV software, you're defenseless against zero-day malware – that is, malware that takes advantage of a recently discovered vulnerability where no patch yet exists and is so new that no AV vendor has a signature defined or deployed.

The days of simply installing AV and trusting that you're protected are long gone. There are too many vulnerabilities in your organization's applications, too many applications being downloaded onto your desktops and laptops, and too many new instances of viruses, worms and trojans.

Not to mention, too much associated cost in lost time, resourc­es and productivity due to malware.

A recent report on endpoint security by Aberdeen Group compared “best-in-class” and “laggard” organizations. It found that both best-in-class and laggards had deployed baseline security technologies such as AV, but the best-in-class organizations were far more likely to be early adopters of more advanced security technologies.

Related

GitHub search exploited for malware distribution

Malware-laced GitHub repositories using popular names and topics are being advanced by threat actors through automated updates and fraudulent stars meant to manipulate the leading software developer platform's search rankings as part of a new open-source supply chain attack, The Hacker News reports.

Rhadamanthys infostealer deployed via AI-based PowerShell

Several organizations across Germany have been targeted by suspected initial access broker TA547, also known as Scully Spider, with attacks using a generative artificial intelligence-based PowerShell to deliver the Rhadamanthys information-stealing malware, reports BleepingComputer.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.