As Malware Attacks Increase, IT Industry Turns to Data for Detection
Around 80 percent of IT security professionals polled in a new survey say malware attacks have already targeted their companies’ mobile endpoints in 2016. This is an increase from 68 percent in 2015.
Malware Attacks Increasingly Common, Sophisticated
According to InformationWeek, the Ponemon Institute survey on endpoint technology in the IT space found that 56 percent of respondents say malware infiltration is increasingly hard to spot. The attacks under consideration focus on laptops, desktops, smartphones, printers, point-of-sale technology and ATMs.
Key exploits over the past year include zero-day attacks (71 percent) that leverage previously undisclosed software vulnerabilities and distributed denial-of-service attacks (68 percent).
According to Business Reporter, the primary entry points for malware in the enterprise sector include the following:
- Laptops (43 percent);
- Smartphones (30 percent);
- Tablets (19 percent);
- USB sticks (6 percent).
The source notes that 86 percent of experts believe mobile will be the greatest endpoint malware attack vector in coming years.
Internal soft spots are also part of the problem, with 81 percent of respondents saying employees pose the largest security threat to companies, as opposed to malicious hackers. The problem is centered on employee disregard and carelessness when it comes to established security protocols.
IT Professionals Concerned About Response Capabilities
Responsive capabilities to these threats are also a concern. Fifty-six percent of the IT professionals polled said their firms are not equipped to deal with malware attacks, according to Business Reporter.
Sixty percent of the IT experts surveyed said a common strategy will be a data-focused and increasingly proactive approach to security moving forward. Threat intelligence, which is provided by data fed from the endpoint devices to IT departments, should increasingly allow them to detect and respond to malware attacks before vulnerabilities are exploited and the attack is successful. In essence, laptops, smartphones, tablets and the like become sensors, and state or context data collected at the endpoint is used to determine whether it has been or is being compromised. Organizations that are unsure of their ability to combat malware may want to take data-driven security strategies into consideration.