Malware Attacks on Enterprises Becoming More Advanced: Report
Malware is increasingly being used as advanced persistent threats against enterprises, according to the latest quarterly report from Cisco.
There were 287,298 "unique malware encounters" in June 2011, double what was found in March, according to a Global Threat Report from Cisco Security Intelligence Operations released Aug. 1. Since the beginning of 2011, unique malware encounters have nearly quadrupled, Cisco said.
In the report, Cisco researchers did not restrict a malware encounter to just malware infecting a single system. It can also include incidents when a system was initially infected by a basic downloader, which analyzed the system and downloaded even more sophisticated data-collecting malware.
"Malware has evolved along with the Internet and is now the tool of choice for would-be attackers," wrote Gavin Reid, manager of the computer Security Incident Response Team at Cisco.
Cyber-attackers rely on malware to "remain surreptitious" so that they can continue to remotely manipulate a system while remaining virtually invisible, Reid said. Detecting APTs like unique malware is not an easy task because there is no "silver bullet" such as a software signature that would identify them on a network, he said.
"If anyone attempts to sell your organization a hardware or software solution for APTs, they either don t understand APTs, don t really understand how computers work or are lying, or possibly all three," Reid said.
On average, enterprises had 335 malware encounters per month, Cisco researchers found. March had the highest malware activity during the second quarter, with enterprises seeing an average 455 pieces of malware, followed by an average 453 encounters in April.