How to defend against malnets

The number of malnets has jumped 300 percent in the past six months, according to security firm Blue Coat Systems. While they are nearly impossible to kill, there are steps you can take to protect your organization.

By Thor Olavsrud, CIO |  Security, Blue Coat Systems

Given all this, how can an organization protect itself from the threats posed by malnets? The key, Van Der Horst says, is a proactive cyber defense that goes beyond today's largely signature-based defenses. A proactive cyber defense identifies the malnets delivering attacks and blocks them at the source, preventing attacks before they're launched.

"The primary thing that we do is we track their infrastructure," Van Der Horst says. "Even though they may change the paint or some labels, there's still underlying core stuff we can track. We call it server DNA. A brand new website may show up today, we do a scan of it and inspect its DNA."

"Once you start tracking the ecosystem, this infrastructure, you care less and less about the specific payload it's trying to deliver," he adds. "It doesn't matter what the exploit is, you know it's coming from a bad place."

Van Der Horst suggests five steps organizations can take to better protect themselves against malware threats:

1. Use a security solution that can block malnet infrastructures and limit employee exposure to botnet-producing Trojans.

2. Ensure your security solution can block communications from infected end-user systems to command and control servers to prevent sensitive, confidential or proprietary information from reaching the cyber-criminals.

3. Ensure that web usage policies are up-to-date and keep network/firewall rules current.

4. Deploy a reporting solution that can help you identify potentially infected end-user systems so you can quarantine and clean them.

5. Set and enforce policies that require employees to update their browsers, OS, Adobe Flash, Adobe Reader, Java and other applications with the latest patches and security updates.

Originally published on CIO |  Click here to read the original story.
Join us:






Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question