Matching evolving malware with advancing tools

By Nick Lewis | Jan 25, 2010

In the past year, malware has evolved in five major areas: bots, rogue security software, generic spyware, targeted malware and attacks on mobile phones and smartphones. These threats have, in turn, allowed criminals to find new ways to monetize the unauthorized access they have been able to gain. In the last year, malware has incorporated better techniques for hiding and staying resident on new hosts and for improving its communications, while increasing users' concerns about identity theft and related fraud.

Most security attacks get incrementally more dangerous over time, and some attacks will make major advancements in 2010. Malware, for example, will only get worse over the next year, even from its current state of sophisticated botnets. Malicious code will get easier to use, and criminals will have the ability to configure full-management applications, improved toolkits and update mechanisms to incorporate zero-day attacks and customizations. 

It may seem bleak, and enterprise security pros should certainly find it daunting. However, tools and techniques will also evolve over the next year to better protect corporate networks and data.

Predictions: Future security threats, defenses for 2010
There are few constants in information security, but the continued evolution of (and danger from) malware is one of them. Organizations can combat evolving malware and botnets through a combination of best practices like security awareness training, policies and procedures, and two emerging technologies: whitelisting and cloud-based antimalware. Let's discuss both of those technologies briefly:

  • Whitelisting will evolve in enterprises as organizations evaluate new products, their functionality and how they can be used to more effectively protect their environment. Whitelisting defines the executables that can run on a system and then stops all other software that isn't on the defined list of acceptable behavior.

    Whitelisting has evolved in the last couple of years. Initially, the technology was a complex system where enterprises needed to define every single executable. Now whitelisting products come with preconfigured templates, improved capabilities to approve new executables, and full management systems. Enterprises will realize that relying on antivirus software alone will not be tenable, and a new defense must be used. More enterprises in 2010 will use and set up their own whitelists and blacklists to supplement or replace their existing antimalware protections and then configure policy to determine what action to take for software that's not on either list.
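
A minimal sketch of the whitelist, blacklist and "neither list" policy model described above, added here as an illustration and not taken from any whitelisting product. Matching on SHA-256 content hashes, the `ExecutionPolicy` class, the `audit` action and the sample files are all assumptions constructed for the example.

```python
import hashlib
import tempfile
from enum import Enum
from pathlib import Path


class Action(Enum):
    ALLOW = "allow"
    BLOCK = "block"
    AUDIT = "audit"  # let it run, but log it for review


def sha256_file(path, chunk=65536):
    """Hash file contents, so a renamed or moved binary keeps its identity."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


class ExecutionPolicy:
    def __init__(self, whitelist, blacklist, unknown_action=Action.BLOCK):
        self.whitelist = set(whitelist)
        self.blacklist = set(blacklist)
        self.unknown_action = unknown_action

    def decide(self, path):
        digest = sha256_file(path)
        if digest in self.blacklist:  # blacklist wins if a hash is on both
            return Action.BLOCK
        if digest in self.whitelist:
            return Action.ALLOW
        return self.unknown_action  # on neither list: configured policy


def demo():
    """Run the policy over constructed sample files (not real binaries)."""
    samples = {"approved.exe": b"approved build 1.0",
               "renamed_copy.exe": b"approved build 1.0",
               "known_bad.exe": b"constructed bad sample",
               "patched.exe": b"approved build 1.0 plus extra bytes"}
    with tempfile.TemporaryDirectory() as d:
        for name, data in samples.items():
            Path(d, name).write_bytes(data)
        policy = ExecutionPolicy(
            whitelist=[sha256_file(Path(d, "approved.exe"))],
            blacklist=[sha256_file(Path(d, "known_bad.exe"))],
            unknown_action=Action.AUDIT)
        return {name: policy.decide(Path(d, name)) for name in samples}
```

Because the decision keys on content rather than file name, the renamed copy is still allowed, while the modified copy of an approved file falls to the "neither list" action.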

 
 