The dynamic Web link is the most powerful tool for cyber crime and Web threat delivery next to social engineering human nature. Every lure has a dynamic Web link that allows cyber crime to change out payload servers, making it difficult to detect and block malware delivery. Last year, malware Web delivery infrastructure migrated to popular and trusted domains using hacking and acquired access credentials that provide a trusted veil from reputation filters and commonly blocked Web categories.
In the first few hours of a Web attack common defenses such as desktop AV are providing little protection, as shown by studies in this report and specific case examples. Real-time Web defenses, using large user communities that provide real-time awareness of new Web links and content, are finding threats more quickly. They leverage a wider range of defenses and analysis, tuned by security experts.
The dynamic Web link moves the attack challenge to Web location detection, obfuscation uncloaking, sand boxing and call-home analysis. For over a decade, the file hash value or signature has been the core element of a threat defense. Now the Web URI comes into the defense picture, as sophisticated Web constructs deliver malware, exploit kits, phishing, scams and fake software. The message is simple: keep your AV active to close the door on known threats – but add a real-time Web defense to address the dynamic Web link threat.
This security report examines Web behavior and the malware to which users are most frequently exposed. Analyzing Web requests from the Blue Coat WebPulse service, which weekly rates nearly three billion requests in real-time, this report provides an overview of the changing ways in which people are using the Internet and the new methods cybercrime is using to target their attacks.
The 2011 Web-based threat landscape continues to become more sophisticated, utilizing a combination of techniques and multiple stages to launch attacks. Read on to find out about some of the biggest shifts since 2010 including:
- Social Networking Becoming The Newest Malware Vector
- Legitimate Sites Becoming Park of The Attack Infrastructure
- Malware Hiding in Acceptable Web Categories