One against the web

01 Oct 10

With increased user exposure to the web and its associated threats, a new approach has become necessary to ensure timely and effective protection from malicious threats.
The internet has become ubiquitous, but beyond that, the new paradigms of cloud computing and social networking mean that more and more people have become dependent on the web, surfing it more intensely than ever before.
According to Gartner, cloud computing, web-oriented architectures, and Web 2.0 social networking technologies (and by extension Enterprise 2.0) ranked among the top 10 most impactful technologies in 2009, and companies have been implementing them, and need to continue to do so, in order to remain competitive.
CIOs face new challenges as crime syndicates use the inherent strengths of the internet, and users’ trust in it, to glean confidential information for illegal monetary gain. These web-based attacks have grown in both size and sophistication over the last two years.
Perhaps even more pressing than the viruses and other malware that try to breach organisational defences is the rise and evolution of phishing, where tricksters pose as legitimate parties to gain personal and confidential data, either through e-mail or fraudulent websites.
The Anti-Phishing Working Group found that such attacks have risen a whopping 585% in 2009; and what is even more worrying is that they have become harder to avoid.
Mainstream presence
Millions access the internet through search engines like Google and cybercriminals know this. Recently, they have begun adopting complex threats that start where the user searches.
By poisoning search engine results, which users tend to trust implicitly, cybercriminals can drive unsuspecting users to malware. Fake antivirus software and video codecs are favourite malware deliverables in these attacks.
There has also been a widespread increase in phishing attacks – up almost 600% in 2009. These attacks have been around for many years but are now very sophisticated, replicating banking or other sites, down to the text on the homepage. At a quick glance, these sites look exactly like the ones they mimic, fooling users into entering login or other personal information.
Such phishing attacks have become effective because traditional security puts a lot of focus on protecting against external attacks. However, a recent Symantec threat report noted that 93% of attacks get past defences by riding requested content back to the user. Only 7% of attacks are directly against the network – the traditional domain of IT security.
Tripartite protection paradigm
So, how do resellers prepare for security in this new web savvy age? Resellers can help organisations embrace three new paradigms:
1. Cloud-based defenses;
2. On-demand security intelligence;
3. Focus on the internet gateway
Let me explain why each is important. Cybercriminals utilise the power of the internet to spread malware. To combat this threat, defences must also harness the power of the internet to unite millions of people worldwide for shared protection and intelligence. One against the web is a difficult and costly defence to maintain, but cloud-based defenses provide an alternative. The Blue Coat WebPulse service, for example, unites 62 million members to identify new and unknown web content and links. The discovery of malicious content or malware is immediately shared with all users for continuous protection against evolving threats. Additionally, new defences can seamlessly be added to the cloud and made available to all users without requiring a network upgrade.
With a cloud architecture like this in place, users have access to on-demand security intelligence about the latest threats. With rapidly evolving threats that can last for as little as two hours, there has been a dramatic increase in zero day threats that render daily updates – the traditional routine for antivirus protection – less effective.
While traditional security defences, such as antivirus and firewall software, still have a place in the network, they cannot be the first line of defence against these threats. Instead, effective protection requires on-demand intelligence that is fed by a large user community. To best protect users, this cloud-based architecture must complement strong protection and policy enforcement at the internet gateway. Setting good policies that can be consistently enforced to protect users is the domain of an internet gateway that can block malware and ensure that the network is not compromised by lurking internet threats.
Addressing these issues now is critical. All evidence shows that web-based threats continue to grow at a quickening pace. As users migrate to online communications tools such as Twitter or Facebook, they are at heightened risk of exposure to these threats. By combining a cloud-based defence that provides on-demand intelligence and immediate, continuous protection with strong policy enforcement at the internet gateway, organisations will be prepared to meet the new world.