'Malnets' will become major online security issue in 2012: report

Most malware attacks target users on their desktops and laptops, but mobile devices are becoming much more enticing options for cyber criminals, according to a new report.

Nearly two-thirds of all new cyber attacks will derive from malware networks, according to a new report from web security and WAN solutions provider Blue Coat.

Blue Coat senior malware researcher Chris Larsen monitored underground malware networks (or "malnets" as he refers to them) to demonstrate how criminal organizations are using similar baselines in order to execute different attacks.

Often times, the criminals rent access to these networks for just a few thousand dollars to execute the attack and then shut down immediately.

Larsen explained in the report that malnets enable cybercriminals to launch significant attacks that typically are dangerously not detected by traditional anti-virus solutions for days or even months.

Malnets are too dynamic for even defenses that inspect content in real time, to keep pace. These new infrastructures demand a new type of security to protect against corporate data loss, financial or identity theft, and other costly consequences.

Businesses need a proactive defense that can stop attacks before they launch by identifying and blocking the source. The key to this type of defense is to understand malnets, their structure, their targets and their strategy.

The report covers five of the top types of malnets, which are explained in the diagram below, ranging from fake Firefox updates to scams to regular old spam.

Certainly, the frequency of these attacks vary by country, but the potential for these attacks to hit as many people at once all over the world is growing as social networks expand.

The report points out that as businesses further utilize social media for marketing and building relationships with both customers and partners, these become bigger targets (just like mobile devices) for cyber criminals, especially considering how new (and therefore, unprotected) these sources can be.

Nevertheless, Blue Coat researchers warn than businesses shouldn't simply block social networks or ignore them, but rather learn to control the risks associated with them.

To fully leverage the benefit of web applications and content, businesses must have detailed analysis and control, not just of social networking sites, but also of the individual web applications and content within those sites. Additionally, they need to be able to filter out any malicious links from within the allowable content.

Image via Blue Coat