Websense 2010 Threat Report: Advanced, Blended Threats Laser-Focused on Attacking Business and Infrastructure

Share Article

Websense Security Labs predicts 2011 will bring more targeted attacks on content through new blended vectors – many focused on nationalistic and economic cyberterrorism

The continued rise of organized cybercriminal gangs and the emergence of targeted advanced malware threats are the most concerning trend we've seen

News Facts

  • Significant findings from the Websense® 2010 Threat Report affirm that while broad cyber threats continue – focused, targeted, blended attacks are on the rise. Many of these attacks use new tricks and methods of delivery. Script-based attacks, blended email campaigns, and SEO poisoning were all common in 2010. The majority of attacks in 2010 focused on the same thing: stealing data. Key findings include:
  • A 111.4 percent increase in the number of malicious websites from 2009 to 2010
  • 79.9 percent of websites with malicious code were legitimate sites that have been compromised
  • 52 percent of data-stealing attacks were conducted over the Web
  • 34 percent of malicious Web/HTTP attacks included data-stealing code
  • 89.9 percent of all unwanted emails in circulation during this period contained links to spam sites and/or malicious websites
  • The United States and China continued to be the top two countries hosting crimeware and receiving stolen data during 2010; the Netherlands has found its way into the top five
  • Searching for breaking news represented a higher risk (22.4 percent) than searching for objectionable content (21.8 percent)
  • 23 percent of real-time search results on entertainment lead to a malicious link
  • 40 percent of all Facebook status updates have links and 10 percent of those links are either spam or malicious
  • The Websense 2010 Threat Report conclusions are based on the analysis of Websense Security Labs™ researchers, who rely on their ThreatSeeker® Network, which every hour scans more than 40 million websites for malicious code and nearly 10 million emails for unwanted content and malicious code.
  • The 2010 evidence and metrics suggest that cybercriminals and their blended attacks are having a field day taking advantage of security gaps left open by legacy technologies like firewalls, antivirus, and simple URL blockers. Companies today need a unified security architecture to protect against modern threats.
  • In the report, Websense Security Labs also predicts threat trends for 2011. Included in the predictions is an analysis of future blended threats, terrorism, and data loss over the dynamic Web that demonstrate the potential for targeted 2011 cyberterrorism attacks.

Quote(s):
“The continued rise of organized cybercriminal gangs and the emergence of targeted advanced malware threats are the most concerning trend we’ve seen,” said Dan Hubbard, chief technology officer, Websense. “Security needs to move ahead of the attackers and focus on contextual classification in order to thwart them. Simple binary access controls and castle and moat security will not solve the complex attacks we see today. These are precisely the type of threats we have in mind when we build Websense security products.”

“Whether it is your company’s sensitive financial information, your social networking, or online banking credentials, that content has tremendous value,” said Devin Redmond, vice president of Business Development, Product Management and Marketing, Websense. “With so many intertwined vectors, these threats demand a new approach to security that looks at both inbound and outbound content. To protect against today’s blended and sophisticated threats, companies need to plug the spaces left by a scattershot spraying of point solutions and move to a unified security architecture that protects their content.”

Multimedia Elements:

A full copy of the Websense 2010 Threat Report, video introduction and background materials can be viewed at: http://www.websense.com/2010threatreport

Click to view a behind-the-scenes video featuring Websense Labs top security researchers explaining the Websense Advanced Classification Engine (ACE). ACE is Websense’s unique and proprietary real-time content classification tool, which protects customers against the most complex known and unknown Web threats and data leakage.

Click to share “Websense 2010 Threat Report: Advanced, Blended Threats Laser-Focused on Attacking Business and Infrastructure” on Facebook.

Click to share the Websense 2010 Threat Report video on Facebook.

Click to share on Twitter:    
There was a 111.4% increase in malicious websites from 2009-2010! Check out the Websense 2010 Threat Report 4 more threat info bit.ly/ak8GcjWebsense Links:Facebook: http://www.facebook.com/websense [“Like” Websense

.

Twitter: Follow @Websense.

About Websense:
Websense, Inc. (NASDAQ: WBSN), a global leader in unified Web, data and email content security solutions, delivers the best security for modern threats at the lowest total cost of ownership to tens of thousands of enterprise, mid-market and small organizations around the world. Distributed through a global network of channel partners and delivered as software, appliance and software-as-a-service (SaaS), Websense content security solutions help organizations leverage new communication, collaboration, and Web 2.0 business tools while protecting from advanced persistent threats, preventing the loss of confidential information and enforcing Internet use and security policies. Websense is headquartered in San Diego, California with offices around the world. For more information, visit websense.com.

Contact:
Patricia Hogan
Websense
(858) 320-9393
phogan(at)websense(dot)com

###

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Patricia Hogan
Websense
858-320-9393
Email >
Visit website