Websense Predicts More Targeted, Content-Related Cyber Attacks in 2011

Security vendor’s 2010 Threat Report points to inadequacy of legacy defense systems for new wave of specific, blended attacks.

November 19, 2010

D.H. Kass

: More stories by this author:

Websense Inc., a provider of Web, data and email security, said that a new wave of targeted, so-called blended cyber attacks coordinating a variety of tactics and aimed at stealing confidential information housed at social networks and other sites that rely on user-generated content, will overrun legacy protection systems such as firewalls, antivirus and URL blockers.

Many of the targeted attacks, such as Aurora, Stuxnet and Zeus, designed to infiltrate organizations, will focus on nationalistic, political and economic cyber-terrorism, the company said.

Indeed, in a news report this week, government officials and industry experts called Stuxnet, a worm that targeted Iran’s nuclear facilities and also holds the potential to cripple industrial control systems around the world, the most severe threat to industry yet identified.

Websense said that its researchers detected a shift in the nature and tactics of cyber attacks based on data compiled from the ThreatSeeker Network, which scans 40 million websites and 10 million emails hourly for evidence of unwanted content and malicious code.

The company said that cyber criminals are “having a field day” with security gaps left open by standard protection devices such as firewalls, antivirus and URL blockers, which according to the vendor, no longer provide sufficient protection. Many attacks are classified as “zero day,” in that they have not previously been identified, and, as a result, are not readily turned up by existing cyber protection platforms.

Threats no longer are binary files delivered by email but instead are script-based, embedded in applications such as Adobe System Inc.’s Flash and propagated quickly on the social web from sites such as Facebook and YouTube, Websense said.

“The continued rise of organized cybercriminal gangs and the emergence of targeted advanced malware threats are the most concerning trend we’ve seen,” said Dan Hubbard, Websense chief technology officer.

“Security needs to move ahead of the attackers and focus on contextual classification in order to thwart them,” he said. “Simple binary access controls and castle and moat security will not solve the complex attacks we see today.”

Increase in targeted attacks expected

Websense said that its data shows a marked increase in the number of targeted--rather than broad--attacks made by cyber criminals from 2009 to 2010.

For example, findings from the vendor’s Threat Report show a 111.4 percent jump in the number of malicious websites from last year to this year; 52 percent of data-stealing attacks were conducted over the Web; 34 percent of malicious Web attacks included data-stealing code; 23 percent of real-time search results on entertainment lead to a malicious link; and, 40 percent of all Facebook status updates contain links and 10 percent of those links are compromised either as spam or malicious content.

The vendor also reported that right now the U.S. and China are the top two countries in the world hosting crimeware and receiving stolen data .

“With so many intertwined vectors, these threats demand a new approach to security that looks at both inbound and outbound content,” said Devin Redmond, Websense vice president, business development, product management, marketing.

“To protect against today’s blended and sophisticated threats, companies need to plug the spaces left by a scattershot spraying of point solutions and move to a unified security architecture that protects their content,” he said.

TAGS: social network,security,cyber attack,malicious code,Websense

Security News Solutions

Comment and Contribute

    (Maximum characters: 1200). You have 1200 characters left.



    Security News| Contact D.H. Kass | Back to top

    Click the Join button below to sign up to our newsletter!