The sheer volume, variety and velocity of cyber threats in today’s internet landscape may seem daunting, but knowing your enemies and the tactics they use are the best defense for your business. With this in mind, the Webroot team put together the Webroot 2016 Threat Brief, which provides important perspectives on the latest threat developments, the challenges they present, and how to defeat them. Three key trends to be aware of include:
1. Polymorphic Malware on the Rise
Nearly all malware and potentially unwanted application (PUA) delivery uses polymorphism—either at the server level, where every executable generated is a unique variant, or the threat itself is polymorphic and thus unique to the recipient. Polymorphism poses a major problem to traditional security approaches, which struggle to discover singular variants, let alone do so in time to stop data breaches and other compromises.
During 2015, Webroot saw hundreds of millions of new, unique executable files. While the majority of these files are benign, mixed among them are executable threats that emerge quickly and are highly customized and targeted; for example, data from 2015 shows that over 97% of malware encountered by Webroot customers was seen on only a single endpoint.
The Webroot threat intelligence and discovery model was specifically designed to detect and prevent unique polymorphic executables. In independent comparative analysis against leading competitors, Webroot SecureAnywhere Business Endpoint Protection was the only endpoint security product in the group that protected against 100% of the malware tested within a 24 hour period.
2. More Malicious IP Addresses Launching Attacks
Throughout 2015, approximately 32 million new malicious addresses were discovered. Automatically blocking inbound traffic from malicious IP addresses can be one of the most effective ways to prevent attacks, but modern cybercriminals often evade detection by changing hosts and IP addresses frequently. To combat this tactic, the Webroot IP blacklist is constantly updated, ensuring such changes are rapidly detected and mitigated, thus minimizing the window of opportunity for malware designers and other attackers.
Webroot actively monitors the entire IPv4 space and in-use IPv6 to provide a dynamic blacklist of high-risk IP addresses to protect Webroot customers and for integration into Webroot partners’ security devices via BrightCloud IP Reputation services. IT security administrators can easily identify threats by type and protect their networks from malicious IP categories, including Windows exploits, web attacks, phishing, botnets, denial of service, scanners, proxies, reputation, spam sources, and mobile threats.
3. Even “Good” Websites can be Risky
New websites are emerging at astonishing rates, and many don’t have sufficient security to protect themselves or their visitors. Other sites are overtly malicious, expressly designed to take advantage of users by delivering malware or executing phishing and other forms of attack.
To keep up with the speed of website changes, Webroot continuously classifies and monitors the reputations of URLs, having analyzed over 27 billion URLs to date. This process occurs across 83 primary content categories to help enterprises secure users against online threats, control internet usage, and ensure compliance by implementing sensible web access policies. In addition, Webroot uses a reputation scoring to assess the risk of a specific URL based on its site history, age, rank, location, networks, links, and real-time performance, as well as other contextual and behavioral trends, regardless of content category.
Get More Info
Download the complete Webroot 2016 Threat Brief to get in-depth information on the trends we’ve touched upon above. In our next post, we’ll be tackling other trends, such as shifts in phishing targets and why mobile apps are riskier than ever. Check back soon!
Want to find out if Webroot has what it takes to protect your customers? See for yourself with a no-risk FREE trial. You don’t even have to uninstall existing security.
Want to learn more about how Webroot partners with MSPs to delight customers, lower costs, and boost profits? Learn more.
Webroot offers cloud-based, real-time internet threat detection solutions for MSPs and their customers. Read all Webroot guest blogs here.