Exploit kits readily available.
Malware-on-sale is assisting even novices in carrying out cyber attacks, while advanced tools are making the hackers remain anonymous by circumventing the attribution chain.
According to the Websense Security Labs 2015 Threat Report, MaaS (Malware-as-a-Service) is enabling even entry level threat actors to successfully create and launch data theft.
Availability of exploit kits on sale, rent, or subcontract, together with a combination of old techniques with newer ones, is resulting in attacks which are difficult to track back to the source.
The Websense report said that the old threats are being ‘recycled’ into new threats, launched through email and web channels and ‘challenging the most robust defensive postures’.
In 2014, 99.3% of malicious files used a Command & Control (C&C) URL that has been previously used by one or more other malware samples; 98.2% malware authors used C&C found in five other types of malware, the Websense report found.
One of the oldest vectors of attack, email, is still a potent attack launcher in spite of the evolution of the web.
Over 80% of 2014 emails scanned by Websense were found to be malicious, up by 25% from the previous year.
Websense security research vice-president Charles Renert said: "Cyber threats in 2014 combined new techniques with the old, resulting in highly evasive attacks that posed a significant risk for data theft."
In spite of easier availability of malware, attackers are focusing on the quality of attack rather than on quantity.
According to the Websense report, security threats in 2014 decreased by over 5% in 2014 to 3.96 billion, but the targets of numerous attacks have been high profile organisations with huge security investments.
Adding to the troubles of cyber security are the new ways to erase the trail of attackers using cutting-edge tools.
Hackers are able to spoof information, circumvent logging and tracking or remain anonymous by using redirect chains, code recycling and several other techniques.
"In a time when Malware-as-a-Service means more threat actors than ever have the tools and techniques at hand to breach a company’s defenses, real-time detection across the Kill Chain is a necessity," Renert added.
Websense’s report cautions that insider threats, such as accidental or malicious actions by employees, will continue to be among the risk factors for data theft.
The emergence of Internet of Things (IoT) will increase security vulnerabilities as it grows to an estimated range of 20-50 billion connected devices by 2020.
"IoT offers previously unimaginable connectivity and applications, yet ease of deployment and the desire to innovate often override security concerns," the report observed.
Photo: courtesy of Pat138241 / Freedigitalphotos.net.