Unit 42, the research division of Palo Alto Networks, have released their 2014 Fall Threat Landscape review. The report is a comprehensive assessment of malware trends affecting thousands of organizations in major industries around the world.
Key highlights include:
- All vertical markets saw e-mail (SMTP) and HTTP as the primary channels for malware delivery, but the percentages for each industry vary significantly, indicating that these industries have different threat profiles. Retail and wholesale organizations received almost 28 percent over the web channel, while hospitality organizations received just two percent over the same channel. Organisations need visibility into the types of traffic traversing their networks so they can quickly identify and prevent threats.
- Malware was delivered in over 50 distinct applications, 87 percent of which were delivered over e-mail and 11.8 percent through web browsing (HTTP). While these two channels account for the majority of malware attacks, it is important that organizations are able to identify malware in any application allowed in their network.
- Over 90 percent of unique malware samples were delivered in just one or two attacks. Most of these files are part of overarching malware families, but by deploying distinct files just once or twice attackers can evade many antivirus programs. Practitioners need to consider security that can identify and stop attacks at multiple stages in the attack kill chain.
- One malware family, known as Kulouz or Asprox, was responsible for about 80 percent of all attack sessions recorded during October 2014, impacting nearly 2,000 different organizations. This malware has plagued Internet users for years, despite multiple attempts to disrupt its infrastructure.
blueAPACHE and Palo Alto have partnered to deliver security solutions (including WildFire) on-premise and on the emPOWER Network.
To learn more: