Cybercriminals design malware to exploit vulnerable systems without user interaction being required, on the one hand, and craft attacks that take advantage of unaware (untrained) computer users, in which user interaction is required, on the other hand. The second part of this two-part attack approach can only be defeated if the computer user is aware of current Internet threats. So, knowledge and experience are critical ingredients in the never-ending and escalating battle against cybercriminals.

To defeat attacks which rely on exploiting vulnerable systems, the preferred method is the implementation of a layered security approach. Employing layered security should (I emphasize should) lead to the swift detection of malware, before any damage occurs on the targeted system.

Given existing technology, no single security application is capable of providing adequate computer system protection. Gaps exist in protection capabilities in even the most sophisticated security applications. Layering (or stacking) security applications offers the best chance of remaining infection free, by closing those gaps.

Keep in mind, however, that even the best layered protection strategy will not make up for the lack of experience and intuitiveness of many computer users. So, stopping the bad guys from gaining a foothold has to be a primary objective of that layered defense strategy that I mentioned earlier. And part of that strategy includes raising barriers at the doorway to the system: the Internet browser.

90% of unknown malware delivered via web-browsing

The Modern Malware Review (March 2013), a statistical analysis performed by Palo Alto Networks which focused on malware that “industry-leading antivirus products” failed to detect, noted a persistent trend.

Given that the samples were captured by the firewall, we were able to identify the application that carried the malware. While web-browsing was found to be the leading source of malware both in terms of total malware as well as undetected malware, the application mix was very different between the two groups. For example, SMTP accounted for 25% of the total malware, but only 2% of the fully undetected malware. Comparatively, web-browsing dominated both categories, accounting for 68% of total malware, but over 90% of undetected samples.