IT Teams Struggle to Keep Pace with Malware


A recent survey conducted by an independent research firm for Norman ASA, a provider of content security and malware analysis solutions, revealed that IT leaders carry significant fears when it comes to the sophistication and volume of malware.

Of the IT leaders surveyed for the study, 58 percent said their biggest fear for 2012 was the growing number of malware threats.  In addition to sheer volume, 62 percent of the survey’s participants said malware’s sophistication was growing at a faster rate than their analysis capabilities.

Darin Andersen, vice president and general manager for Norman’s North American division, commented on the problems plaguing IT teams: “It is widely recognized that the volume and sophistication of threats continue to grow dramatically, yet many organizations are only incrementally adding resources to better understand these threats.  The analysis is a critical component of a comprehensive defense-in-depth strategy. Failure to maintain an updated understanding of these threats will leave networks increasingly vulnerable.”

In terms of malware for 2012, 65 percent said the volume of threats would increase by over 25 percent.  Instead of keeping pace with the cybercriminals, however, only 45 percent said they expected their malware budgets to increase in 2012, and only 33 percent said they planned to add security analysts to their response teams.  What’s worse is that only 17 percent of those surveyed admitted that they were detecting all of the malware targeting their companies.

Participants who stated plans to ramp up their security efforts in 2012 noted that it would not be an easy task.  Approximately half said that not only would it be difficult to find capable malware analysts, but the time available to provide the necessary training would also be limited.  Facing such a human resources squeeze, 52 percent said they planned to enhance their in-house security setups with a commercial solution.  A huge factor in the decision, according to 71 percent of the leaders, is to reduce the strain caused by in-house solutions that require costly management and maintenance.

While many plan to add commercial solutions to existing in-house solutions, 54 percent said they already operate under such a structure.  Another interesting tidbit showed that adoption of commercial solutions (37 percent) by organizations outnumbers internal solutions (9 percent) by a wide margin.

Mobile Malware Spreading via Tweets

It’s no secret that cybercriminals love to use popular avenues to increase the presence of their schemes.  The growth of social networking has given them an extremely useful vehicle to do so, and a specific target as of late has been Twitter.  Just like Facebook, Twitter and its mobile users are being affected by malware, and a recent blog post by Symantec gave a closer glimpse into some of the tricks being detected.

Twitter and mobile devices seem like a match made in heaven.  Users can keep up with friends while on the go, and the short nature of tweets makes them ideal for input on a mobile device.  Symantec has noticed that tweets are being used to drive mobile users to websites infected with Android.Opfake malware.  The tweets often come up when users employ Twitter to search for such topics as dieting, pornography, mobile devices, and software, just to name a few.  The malicious tweets are often a mix of Russian and English and contain a shortened URL.  Clicking on one of the URLs leads to sites engineered for the malicious Opfake application, where users are prompted to install it.

While Opfake’s Twitter scheme is pretty straightforward, its variations make it more difficult to trace.  Some of its Twitter profiles have common names, photos, and content, while others do not.  Some tweet on occasion and have actual followers.  Others tweet at a rapid pace and have zero followers.  As for the volume of tweets, Symantec noted that approximately 100 accounts managed to send out 130,000 tweets over eight hours.  The security firm reported its detections to Twitter, and the site responded by taking down the profiles.  Still, you can bet that more are on the way.

To protect yourself from falling for such traps, Symantec recommends exercising common sense when on Twitter and around the Web.  Do not click on suspicious links from unknown sources, but also be on the lookout for malicious links that could find their way into compromised accounts.
