Share

Related Links

  • Blue Coat Systems
  • Reed Exhibitions Ltd is not responsible for the content of external websites.

Related Stories

Top 5 Stories

News

Social networking is driving hacker attack strategies says report

01 April 2010

Confirming what many in the IT security space have suspected for some time, a just-released study says that changes in online user's behaviour – driven largely by the rise of social networking – is pushing hackers to develop ever more sophisticated attack strategies.

The report, from Blue Coat Systems, which tapped the data pool generated by its WebPulse security service, says that hackers are developing broader attack strategies, including complex blended threats, faster malware lifecycles and search engine manipulation.

According to to Blue Coat, malware is starting to be adapted by hackers in relatively rapid lifecycles – the average lifespan of a typical piece of malware dropped from seven hours in 2007 to just two in 2009, notes the report.

As a result of this faster malware lifecycle, the study says that defences that require patches and downloads are simply unable to keep pace.

Increased reliance on social networking for communication, says Blue Coat, means there is less reliance on web-based email, which dropped in popularity from fifth place in 2008 to ninth place in 2009.

And, the report adds, exploiting user trust drives most common threats. The two most common web-based threats in 2009 – the fake antivirus software and the fake video codec – both exploited user trust on the internet, search engines and social networks.

According to Blue Coat, these were not the 'drive-by' attacks of recent years, nor did they require a vulnerability to exploit other than human behaviour.

Chris Larsen, senior malware researcher at Blue Coat, said that the increasing use of link farms to manipulate search engine results and prey on the trust users have in their internet experience drove many of the malware exploits his researchers saw in 2009 and are continuing to see in 2010.

"To provide comprehensive protection in the face of these threats, enterprises need not only a layered defence but also better user education", he said.

"The web is growing too fast in all directions for human raters or even web crawlers to manage. It is turning into a war of machines, and the best defences are able to leverage the strength-in-numbers principle to protect users", he added

The information in the report is based on an analysis of data collected from the Blue Coat WebPulse service, a cloud-based collaborative defence facility that is billed as having 62 million users around the world.

This article is featured in:
Identity and Access Management  •  Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×