Blue Coat predicts increase in malware in 2012
Company discovers malware networks, designed to launch web-based attacks
Web security and WAN optimisation specialists Blue Coat Systems has said that the most significant development in the threat landscape in 2011 was the development and use of malware networks, or malnets, to launch highly-dynamic web-based attacks.
According to Blue Coat's just-released 2012 Web Security Report, these complex infrastructures, which outlast any one attack, drove a 240% increase in the number of malicious sites during the year and are expected to launch as many as two-thirds of all new attacks in 2012.
The Blue Coat Security Labs team first discovered the existence of these malicious networks early in 2011 and presently is one of the only companies to specifically identify, track and block them.
Malnets are distributed network infrastructures within the internet that are built, managed and maintained by cybercriminals for the purpose of launching a variety of attacks against users over extended periods of time.
The purpose of malnets is typically to either steal personal information or transform end-user systems into botnets.
"In 2011, the ease of buying, customising and deploying malicious software kits, coupled with a faster rotation through domain names, drove a 240% increase in malicious sites," said Chris Larsen, senior malware researcher, Blue Coat Systems. "With the average business now facing 5,000 threats per month, identifying and tracking malnets to block attacks at the source before they are launched is the most effective protection. Blue Coat uniquely provides protection from malnet-launched attacks even before they happen."
The most common entry point into these malicious infrastructures rely on the path of least resistance, utilising entry points that are easy to exploit, such as search engines or portals and email, or are utilised by large, diverse populations of users.
Malnets have become so effective at launching attacks through search engines and portals that one in 142 searches leads to malicious links.
The 2012 Web Security Report examines the malnet ecosystem in depth, examining user behavior, malnet strategies and tactics, as well as highlighting the best defenses against these aggressive infrastructures.