As security researchers look for patterns in all the various types of attacks that were launched in 2011, there is one glimmer of optimism that should warm the hearts of IT security administrators everywhere.
Trend Micro reports the number of publicly reported vulnerabilities decreased to 4,155 in 2011 from 4,651 in 2010. That may not seem like much progress, but the lower number of vulnerabilities being reported suggests that progress is finally being made in addressing security holes in applications. Obviously, we still have a long way to go, but it’s also probable that this improvement in security is contributing to a shift in tactics by cybercriminals.
It’s become less cost-effective for cybercriminals to scan for vulnerabilities as IT organizations get better at securing their environments. As a result, they seem to be shifting their efforts to more targeted attacks in the form of advanced persistent threats. These attacks are not all that advanced and tend to focus on one high-value target. That, of course, creates a new set of IT security challenges.
Jamz Yaneza, threat research manager at Trend Micro, says cybercriminals these days are after the weakest link they can find in a particular IT ecosystem. Once they penetrate the defenses of that weakest link, they try to exploit that breach to access the systems of any organization doing business with that organization. That means, Yaneza says, that even large organizations are susceptible to attacks that initially might be aimed at business partners or even subsidiary business units.
Trend Micro, in a report that can be found here, also notes that the avenues through which malware is being delivered are changing. Not only has there been a marked increase in the volume of malware aimed at mobile computing platforms, but social media sites have also emerged as a primary vehicle through which end users are being infected with malware.
There’s no simple answer to this problem. But as malware distribution becomes stealthier and more targeted, it’s clear IT organizations will need to rely on a more automated approach to providing in-depth security across entire IT ecosystems. Ultimately, that means coming up with a more strategic security plan, because relying on antivirus software and firewalls alone simply isn’t going to cut it anymore.