Advanced attacks are the new normal, experts claim

Malware attacks are becoming increasingly sophisticated, with the old scatter-gun approach of generalised mass spam emails being abandoned in favour of more targeted attacks.

This is one of the findings of Websense's annual threat report, which this year has focused on what motivates hackers to carry out cyber attacks.

Carl Leonard, senior manager at Websense, told IT Pro: "What this really means is that the majority of attacks we are seeing now are advanced in that they are able to bypass existing security systems."

"Attackers only have to make minor tweaks to their methods to be successful."

The researchers claim to have identified a distinct seven-step kill chain' in the malware delivery process, starting with reconnaissance, followed by a lure, a redirect, arriving at the exploit kit, the malicious file being dropped, which then calls home' back to the attacker, followed by ultimately the data theft.

While data theft was the common goal of many attacks, the motivation varied significantly, from financial gain to destroying a company's competitive advantage to stealing state secrets, according to the research.

Leonard added that attacks now are often very covert, often using driveby' techniques to deliver a malicious payload via a compromised website, which a user may browse onto.

An additional obfuscation technique used by attackers is to redirect a victim several times normally four but occasionally up to 20 to make both the attack and the attacker harder to trace.

A further change in the threat landscape has taken place following the arrest of the alleged creator of the infamously popular Blackhole exploit kit, known as Paunch.

Initially, cyber criminals largely abandoned exploit kits, having been spooked by the arrest. However, shortly afterwards, they turned to alternatives, particularly Magnitude and Neutrino, which have seen a significant increase in usage.

"Advanced attacks really are the new normal," said Leonard.

"In order to protect themselves, organisations need to look at the kill chain model and raise the bar at each level to ensure they are protected," he concluded.

The full report can be downloaded from the Websense website.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download