The IT security landscape has experienced a seismic shift. Malware in its many forms has propagated and proliferated into new forms to attack every size and shape of connected computing device from smartphones to PCs right through to industrial engineering systems. Combating this tide of malicious content requires a new mindset, a new rationale and a new appreciation for IT security protection software.
But there is a problem.
The problem, or the challenge if you prefer, is that most small to medium-sized businesses still rank traditional IT vulnerabilities as the area of most concern. By “traditional” IT vulnerabilities, we mean email attachments and dangerous website links. For many SMBs this is often the “complete picture” when it comes to information security. The perception is that if they cover these channels off, then they are safe.
Of course traditional threats have far from disappeared, but a new breed of more intrusive malware techniques is evolving across many layers of the web. As we now access the Internet from more devices, many of them mobile, for more of the time, the risk is multiplied every day.
So what shape are these new dangers?
We’ll cover a handful of new “attack vectors” here including phishing, search engine poisoning, social engineering, industrial espionage, dormant malware and more.
Phishing is not new, but it is on the rise and is changing. Phishing techniques generally involve users receiving emails from spurious non-existent businesses offering them amazing deals in return for sharing personal information. As users have become more aware of phishing, so phishing has become more targeted. Bogus offers have started to select specific user types and offer them specific goods and services relating to their interests. An example would be gamers using a particular console being offered player tokens or rewards if they respond to an email offer.
Search engine poisoning receives less attention than viruses, yet it is on the rise. This is the process by which hackers “poison” search engine results to direct users to malicious website links. This can be achieved by using the sponsored links section in the search engine or can be done more directly via the injection of HTML code. This can be very effective for hackers as they don’t need to actually break into the web servers running the websites being targeted; they simply need to find vulnerable sites and inject code to suit their means.
Social engineering encompasses phishing as one of its major components, but goes further to include confidence scams and trickery of all kinds that have been performed for many years before the arrival of the Internet. Think of this as the scenario where you might trust a worker in a branded jacket or tabard with a clipboard and a name badge; anyone can “brand” themselves as a legitimate employee representing a company to hide their real criminal intent – the same scams exist in our online world in many forms.
Many people imagine that viral attacks happen immediately upon infection. In fact, malware will very often lie dormant until a user performs a certain function with his or her PC or other device. Dormant malware could be coded to execute only when e-commerce transactions are being carried out so that maximum damage can be brought about. Once again, malware is constantly becoming more sophisticated so this is yet another consideration to be aware of.
AVG’s engineering labs work at a higher velocity and a deeper level of code inspection than any team of hackers, however sophisticated an operation they might be a part of. That being said, an awareness of the new dangers being thrown up by this shifting landscape is important if users want to stay safe and keep their data and personal information protected. Unpredictability is the new norm and change is the new constant.