
Study reveals industry pros troubled most by ransomware threat, damage

December 9, 2014

IT security pros see the growing number of flaws in web browsers as their biggest endpoint security challenge, according to recent research from Malwarebytes.

In a survey of 685 IT decision-makers conducted by Lawless Research, LLC, 72 percent of respondents said the rising number of exploitable vulnerabilities made security difficult, particularly in companies with 1,000 or more endpoints.

A wide majority of companies — 82 percent — have been the victim of at least one online attack in the past year, and the average company experienced three attacks, reflecting what Malwarebytes called a “worrying trend.” Help desks and employee productivity took major hits as a result.

Also reflecting a growing sentiment in the security industry, 84 percent of survey respondents said that traditional anti-virus falls short in the face of modern threats. As a result, it appears that those with dominion over security budgets are mulling or adopting a layered approach — 76 percent of the businesses in the survey will deploy multiple endpoint solutions in 2015.

Adam Kujawa, head of Malware Intelligence at Malwarebytes, told SCMagazine.com in an email correspondence that the traditional anti-virus approach — detect only what has been seen — “was still mostly effective” five to ten years ago since one type of malware would emerge, “then spread through the internet.”  

Once it had been seen “then you're likely to see the same thing somewhere else,” he said. “This made the job relatively easy.” 

Not so today, as amateur malware developers have given way to “software development firms running in the cybercrime underground.”

They have a production methodology and a release cycle and once the malware is detected, “it's only a short time before a new variant is pushed out that evades detection,” Kujawa explained. 

Infecting systems has also become easier, with users becoming victims “simply by surfing your favorite sites unprotected.”

He added that “drive-by exploit attacks that target zero-day vulnerabilities using malicious advertising attacks can completely cut through most security measures that your average user employs and believes they are safe.” 

Today the approach must be “to expect the unexpected, look at trends and see the malware from different points of view, this way you can not only catch what is currently in the wild but also what hasn't even been developed yet,” Kujawa said. “In addition, utilizing a layered approach to security helps users create intricate and strong castles consisting of numerous walls of protection, if an attack breaches one, there are others still in place.”

Though ransomware was the least prevalent of the specific threats, the new research showed that it topped the list of threats that keep security pros whose businesses were affected awake at night, even more so than advanced persistent threats.

Kujawa expressed surprise over “the severity at which ransomware damaged operations and information for so many organizations.” He noted that the number of “new and novel types of ransomware” decreased last year at the same time “the single worst one of them all, Cryptolocker” emerged. 

“Cryptolocker didn't have many copycats and therefore it appears that a coordinated attack by a single, intelligent and resourceful entity can actually be more dangerous than having similar malware in the hands of dozens of groups,” said Kujawa.

The security expert expects an increase in the frequency and severity of threats going forward. 

“We are in a critical moment of our history right now, where our technology has advanced far enough to allow us to almost completely live our lives online, at the same time our caution in securing this new world from malicious actors has not been what it has needed to be,” said Kujawa, attributing the precarious position to “the boom in technology, the requirement for profits, capital and continued progress.”
