Sophos: Prepare For Multi Platform Attacks
A newly released Sophos threat report heralds new forms of malware ushered in through security holes that emerge in light of increased complexity and multi-platform environments. Yes, that means an opportunity to introduce impending advanced solutions. But it also means a chance for partners to rethink security holistically, and impart that to customers in new security strategies.
Send to Kindle
A Sophos Ltd. end of year threat report highlighted that new and disruptive technologies in 2012 will give rise to a host of new advanced malware in 2013-- a shift that will prompt partners to redefine security as customers continued accelerated adoption of new and complex technology trends.
In its Security Threat Report 2013, Sophos revealed that the dearth of mobile, cloud and social networking adoption has also created a slew of new security threats – and new windows for the threats to pass through -- while increasingly sophisticated malware will make a debut on the security landscape. Nothing new there.
Up until now, however, attack methods have remained, for the most part, the same as in years prior. As in years past, the majority of compromises in 2012 occurred when users clicked on malicious links in e-mails or browsed infected Web pages carrying malicious code.
Also congruent with years past were attack methods that infected legitimate sites with malware in order to reel in unsuspecting users. According to the report, 80 percent of attacks in 2012 were redirects – the majority from legitimate sites that got hacked. And 27 percent of all cybercrime was connected to Blackhole exploit kit.
That made it easier for security partners, who were able to promote legacy antimalware solutions and emphasize age-old security best practices to customers.
But looking forward to 2013, the report projected greater availability of malware testing platforms, which will increase the likelihood of attackers stealthily gaining access to corporate networks.
And down the road, Sophos warns that users should also be wary of irreversible malware, attack toolkits with premium features, better exploit mitigation as well as an uptick of Web server mistakes and integration, privacy and security challenges stemming from complexity of multi-platform environments.
“Attacks and threats—on PCs, Macs and mobile devices—continue to evolve as does the technology to combat them,” said Gerhard Eschelbeck, Sophos chief technology officer. “As users demand more and better ways to do their jobs, IT continues to evolve…making it crucial for security technology to evolve, ensuring that end users are protected and empowered—no matter what platform, device, or operating system they choose.”
Much of the findings have already been widely reported. The threat landscape has become muddied with the rapid rise of new technologies such as mobility and cloud, making traditional security solutions obsolete in combatting advanced malware targeting these platforms. And undoubtedly security holes have emerged as users adopt new infrastructure without fully understanding the security implications or risks.
However, the report likely sets the stage for future releases of advanced security solutions from Sophos that incorporate threat intelligence and analytics -- a market in which the endpoint security will likely be placing larger bets in order to compete with industry peers in this space.
No doubt that opens up a lot of windows for partners to introduce upgraded and advanced solutions. But it also allows them to promote consulting services around security policy, compliance and strategy to get customers up to speed on new technologies and help them understand an array of new security ramifications. Looking forward, it also means that the channel will likely have to initiate a paradigm shift that takes a holistic, integrated view of security -- extending to all mobile, virtual, cloud and on-premise platforms -- in order to keep customers adequately protected.