Malware is now off-the shelf, finds Websense study

23rd April 2015
Malware is now off-the shelf, finds Websense study

Mumbai, April 23, 2015: Global Net security leader,  Websense, says  cybercrime is getting easier,  and malware is now a service you can buy and unleash.
The Websense Security Labs 2015 Threat Report looks at how threat actors are gaining capabilities through the adoption of cutting-edge tools instead of technical expertise. "Cyber threats in 2014 combined new techniques with the old, resulting in highly evasive attacks that posed a significant risk for data theft," said Charles Renert, vice president of security research for Websense. "In a time when Malware-as-a-Service means more threat actors than ever have the tools and techniques at hand to breach a company’s defenses, real-time detection across the Kill Chain is a necessity.”
The Report details eight key behavioral and technique based trends, along with actionable information and guidance to assist security professionals in planning their network defense strategy.
Top findings include:
Cybercrime Just Got Easier: In this age of MaaS (Malware-as-a-Service), even entry level threat actors can successfully create and launch data theft attacks due to greater access to exploit kits for rent, MaaS, and other opportunities to buy or subcontract portions of a complex multi-stage attack.
Something New or Déjà Vu? Threat actors are blending old tactics, such as macros, in unwanted emails with new evasion techniques. Old threats are being “recycled” into new threats launched through email and web channels, challenging the most robust defensive postures. Email, the leading attack vector a decade ago, remains a very potent vehicle for threat delivery, despite the now dominant role of the web in cyberattacks
Digital Darwinism - Surviving Evolving Threats: Threat actors have focused on the quality of their attacks rather than quantity. Websense Security Labs observed 3.96 billion security threats in 2014, which was 5.1 percent less than 2013. Yet, the numerous breaches of high profile organizations with huge security investments attest to the effectiveness of last year’s threats.
IoT – The threat multiplier: The Internet of Things (IoT) will magnify exploitation opportunities as it grows to an estimated range of 20-50 billion connected devices by 2020. IoT offers previously unimaginable connectivity and applications, yet ease of deployment and the desire to innovate often override security concerns.
The  FULL Websense Security Labs 2015  can be found here