Web-delivered malware is a persistent and pervasive threat that is also the cause of a lot of misunderstanding in the marketplace. Below are answers to just a few of the often asked questions, including how organizations can best protect themselves.
What is web-delivered malware?
As the most successful method of attack, web-delivered malware is hostile code that comes in through the browser, as opposed to by email or direct attack over the network.
The problem is that existing anti-malware solutions do not adequately protect businesses against browser-based infections, and an estimated 90 percent of corporate security breaches come through the web. While the malware itself is generally the same, it uses browser-specific exploits to gain access.
Why haven’t the anti-malware companies come up with a workable solution?
The web creates a uniquely difficult security problem.
Firewalls have to allow users to visit an enormous range of possible websites where they may access or download a huge range of content. Unfortunately, it’s nearly impossible for a firewall to know whether the user actually wanted a given file, or if the browser was tricked into requesting it.
As a result, anti-malware signatures struggle to keep up with the rapid evolution of exploits and the sophistication of the techniques used to disguise the payloads. In fact, it takes on average four times as long to detect web malware as it does to detect email malware.
Plus, the nature of today’s browser in itself creates a giant security problem. Any one of its components, such as plug-ins or full computer languages, could and often do introduce vulnerabilities which allow attackers to compromise the endpoint to deliver malware.
Is there a realistic way to protect my organization?
The simple answer: It’s time to adopt a new approach to security. Organizations can take a handful of steps such as turning off all non-security related plug-ins, using a VPN to reduce targeting effectiveness as well as running the browser within a virtual machine. The browser and associated web-delivered malware must be contained and isolated from valuable business data and infrastructure. This simultaneously minimizes the damage from any attack, and makes mitigation much simpler.