Home | About Us | News & Events | Our Solutions | Products | Resource Center | Contact Us | Client Portal | FAQs | CSR | Support
Messagelabs africa
     
  Need to protect email and your network now........ Sign up for free trial  
     
     
  Domain/web Hosting  
escan antivirus
Web Design
     
     
  Sangari  
     
     
  NetFilter Firewall  
     
     
  Eldura  
     
     
 

News


The indiscriminate mass mailing of infected code is fast being replaced by targeted attacks that use ‘cyber tricks’ to bait the hook. Online crime is evolving rapidly – and fast becoming more sophisticated and widespread, more determined and devious. And as attacks become more targeted, they’re more effective.

It’s most recent and most powerful manifestation is the multi-vector (or blended or hybrid) attack. Vectors are all the various connections a computer can make – and thus the way in which malicious code can infect your organization. Vectors include email (SMTP), web browsing (HTTP), instant messaging, peer-to-peer networks, file sharing and Wi-fi.

An example of a multi-vector attack involves an email entering an organization and then enticing an unsuspecting user to activate an embedded link to a malicious website that infects the targeted network or computer. The attack jumps from one communication type to another, such as from email to web browsing.

Due to the level of stealth-like approach of these multi-vector attacks, it is far more difficult for traditional security software solutions to identify and remedy these approaches in real-time. The bottom line result is that your employees within your organization could be at risk without you or them realizing it, causing the potential for lost productivity, system downtime and/or financial loss.

Before the advent of multi-vector attacks, cyber crime came in three basic shapes: viruses, Trojans or worms, which infect a computer and then propagate, choking bandwidth and disabling networks. Viruses and worms can also carry payloads – from irritating messages to highly destructive, costly commands, such as rolling back security measures and corrupting databases.

Unlike viruses, worms and trojans, which have a single mode of infection and usually require user activation, multi-vector, hybrid or blended threats spread in multiple ways, using email, instant messaging and peer-to-peer networks and exploiting web browser vulnerabilities. Multi-vector attacks are designed to evade single point security solutions and propagate as fast as possible. The huge rise in spam rates – estimated at between 70 and 87 per cent of all emails – combined with our increasing everyday use of the internet – makes us particularly vulnerable to the new multi-vector attacks.

Phishing is one of the most prevalent forms of a multi-vector attacks – and it is on the rise. Phishing, and its even more targeted variant, spear phishing (targeting specific individuals within an organization such as the finance director or MD), is nothing more than a traditional confidence trick. But its criminal power is increased exponentially by the power of the Internet through the use of spam.

Fake websites that are near-perfect replicas of a real business’s website – except for a slightly incorrect web address and a missing or invalid digital certificate – are posted on the web. The criminals then unleash millions of spam emails, which also replicate the business’s official communications. The spam directs recipients to the fake website and asks them to log in, providing confidential passwords and financial information. The replicas are so convincing that the Anti-Phishing Working Group estimates that around 30% of recipients click on the links, and 10% actually enter their confidential information.

Page 4 of 9 <<prev next>>

 
     
 
 
  Contact US | Private policy | Terms and Conditions | © 2009 MessageLabsAfrica