Between botnets, viruses and other malicious programs, there are a lot of things in the digital world that security solutions must guard against. The traditional approach of keeping antivirus software up to date is not enough to protect users against threats in the age of intelligent malware. According to ComputerWeekly columnist Warwick Ashford, the problem is many companies are still relying solely on signature-based technology, which cannot protect against unidentified threats.
Ashford highlighted comments from Roger Thompson, chief emerging threats researcher at ICSA Labs, who explained at a recent industry conference that most security labs see 300,000 malware samples per day and 70,000 of those are unique. Thompson did not call for traditional solutions to be eradicated completely, but he said the security culture within organizations must change to utilize new approaches, such as behavior-based solutions.
Behavior-based technology has the advantage of flexibility. It allows administrators to set policy specifications and block programs that attempt to operate outside of those predefined requirements. This flexibility offers organizations the ability to adapt software to their specific security needs.
Single-platform solutions are not enough
Another shift within cybersecurity has been an increased emphasis on data protection. As CNNMoney columnist David Goldman reported, 2012 has seen an explosion of mobile malware. One potentially disturbing trend is that cybercriminals have retailored drive-by download attacks for mobile devices. These attacks automatically compromise a device when the user visits an infected website. Android is the most commonly targeted platform, but the significant spike in malware designed for smartphones and tablets makes mobile security in general much more important. Especially in light of the fact that mobile devices have also become a part of the botnet ecosystem.
"Even Twitter has become a tool for attacks from botnets – large collectives of infected PCs and phones that do the bidding of the attacker," Goldman wrote. "Instead of connecting to all the infected devices via a Web server, cybercriminals are increasingly building viruses that are trained to search for commands from specific Twitter accounts. Using Twitter means attackers no longer have to buy an expensive Web server or go through the trouble of stealing one."
The ease at which hackers can pose a threat to organizations requires that organizations adopt a more security-conscious culture. It is not enough to rely entirely on a single technology solution. Instead, organizations can utilize complementary security solutions and increase threat awareness by providing employee education.
Security News from SimplySecurity.com by Trend Micro