Websense 2010 threat report warns against more advanced, blended cyber attacks

When it comes to dangerous web threats, the only constant is change and gone are the days of predictable attack vectors, says the Websense 2010 threat report.
Instead, the report says that modern blended threats such as Aurora, Stuxnet, and Zeus infiltrate organisations through a variety of coordinated tactics, usually a combination of two or more.

The report is based on the analysis of Websense Security Labs researchers who rely on the ThreatSeeker network, which every hour scans more than 40 million websites for malicious code and nearly 10 million emails for unwanted content and malicious code.

The 2010 evidence and metrics suggest that cyber criminals and their blended attacks are having a field day taking advantage of security gaps left open by legacy technologies like firewalls, antivirus, and simple URL blockers.

The report showcases how in today's threat landscape, legacy defenses simply don't work. It adds that threats are no longer binary files delivered in attachments, they are script-based attacks and they are embedded in rich media like Flash and many spread rapidly on the social web.

Reputation filters provide zero security for threats delivered via top ''legitimate'' websites like Google, Facebook, and YouTube, where 80 per cent of web traffic goes. Cyber criminals knowing that legacy technology simply looks for known information (signatures) or reputation of previously identified threats, successful exploit existing defenses, the report says.

Most of today's blended attacks are considered ''zero-day," in that they have not been previously identified. They are ever-evolving and pre-tested by cyber criminals on common anti-virus products before they are released. These threats sail through firewalls and open channels.