Welcome!

Cloud Security Authors: Elizabeth White, Donald Meyer, Pat Romanski, Liz McMillan, Ed Featherston

News Feed Item

Blue Coat Examines Malware Ecosystems in 2011 Mid-Year Web Security Report

Report Identifies 10 Largest Malware Delivery Networks and Traces User Entry Points Into the Networks

SUNNYVALE, CA -- (Marketwire) -- 07/06/11 -- Blue Coat Systems, Inc. (NASDAQ: BCSI), a leading provider of Web security and WAN optimization solutions, today released its 2011 Mid-Year Web Security Report, which examines Web-based malware ecosystems, including the 10 largest malware delivery networks. These malware delivery networks are typically hosted across multiple sites and are responsible for launching dynamic attacks on unsuspecting users. The report examines the interactions of malware ecosystems, including user behavior, malware hosting sites and delivery networks.

"Web-based malware has become so dynamic that it is nearly impossible to protect every user from every new attack with traditional defenses," said Steve Daheb, chief marketing officer and senior vice president at Blue Coat Systems. "With a unique comprehensive view of the Web ecosystem, Blue Coat Web security solutions can identify and track malware networks to proactively protect customers from new attacks that these networks attempt to launch."

For the first half of 2011, Shnakule was the leading malware delivery network, both by size and effectiveness. On average during that period, this network had 2,000 unique host names per day with a peak of more than 4,300 per day. It also proved the most adept at luring users in, with an average of more than 21,000 requests and as many as 51,000 requests in a single day. Shnakule is a broad-based malware delivery network whose malicious activities include drive-by downloads, fake anti-virus and codecs, fake flash and Firefox updates, fake warez, and botnet/command and controls. Interrelated activities include pornography, gambling, pharmaceuticals, link farming, and work-at-home scams.

Not only is Shnakule far reaching as a standalone malware delivery network, it also contains many large component malware delivery networks. Ishabor, Kulerib, Rabricote and Albircpana, which all appear on the top 10 list of largest malware delivery networks, are actually components of Shnakule and extend its malicious activities to gambling-themed malware and suspicious link farming.

The 2011 Mid-Year Web Security Report also analyzes how and where on the Internet users are brought into malware delivery networks. In the first half of 2011, search engine poisoning was the most popular malware vector. In nearly 40 percent of all malware incidents, Search Engines/Portals were the entry point into malware delivery networks. Unsurprisingly, Search Engines/Portals were also the most requested Web content during the same time period. Social Networking was the fifth most popular entry point into malware delivery networks and the third most requested content.

While cybercrime typically targets users where they spend the most time, as in the case of search engines and social networking, in the first half of 2011, they also used traditional methods, such as email and pornography. Email was the third most popular category of Web content used to drive users to a malware network although the category only ranked as the 17th most requested category. Pornography, a longtime favorite malware target, was virtually tied with Email and was the 4th most popular way to lure users to malware, although it was only the 20th most requested category.

After analyzing the dynamic and interrelated nature of Web-based malware ecosystems, the 2011 Mid-Year Web Security Report concludes that:

  • Malware hosting is often found within categories, such as Online Storage and Software Downloads, that companies typically allow in acceptable use policies.
  • Businesses should consistently block Pornography, Placeholders, Phishing, Hacking, Online Games and Illegal/Questionable categories to follow best practices for Web security.
  • Searching for images and pirated media ranks at the top of the list for possible malware delivery, and users engaging in these activities are especially vulnerable.
  • A single defense layer, such as a firewall or anti-virus software, is insufficient to protect against the dynamic nature of malware and the extensive infrastructure of malware delivery networks. Instead, businesses need the real-time protection and intelligence that a cloud-based Web defense can deliver as it quickly expands and adapts to new threats.

The data in the report is derived from the Blue Coat WebPulse™ collaborative cloud defense and analyzed by the Blue Coat Security Labs. WebPulse unites over 75 million users in a real-time web defense and provides a comprehensive view into Web ecosystems by rating and analyzing nearly 3 billion real-time URL requests per week. With its view into the Web, WebPulse can correlate dynamic lures with delivery paths and dynamic payloads to provide real-time protection against new and emerging threats.

WebPulse provides on-demand intelligence for the Blue Coat Web Security product portfolio, including its Secure Web Gateway solution and the Blue Coat Cloud Service. WebPulse uniquely protects against malware downloads, phishing and spear-phishing attacks, and malicious call-home traffic from botnet infected systems.

Additional Resources
2011 Mid-Year Web Security Report
http://www.bluecoat.com/doc/16622

Images: Top Five Malware Delivery Networks
http://www.flickr.com/photos/bluecoatsystems/sets/72157627000077603/

About Blue Coat Systems
Blue Coat Systems is a leading provider of Web security and WAN optimization solutions. Blue Coat offers solutions that provide the visibility, acceleration and security required to optimize and secure the flow of information to any user, on any network, anywhere. This application intelligence enables enterprises to tightly align network investments with business requirements, speed decision making and secure business applications for long-term competitive advantage. Blue Coat also offers service provider solutions for managed security and WAN optimization, as well as carrier-grade caching solutions to save on bandwidth and enhance the end-user Web experience. For additional information, please visit www.bluecoat.com.

Blue Coat, WebPulse and the Blue Coat logo are registered trademarks or trademarks of Blue Coat Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document are the property of their respective owners.

Add to Digg Bookmark with del.icio.us Add to Newsvine

Media Contacts
Jennifer Arculeo Ruzicka
Blue Coat Systems
[email protected]
408-541-3330

Danielle Ostrovsky
Merritt Group
[email protected]
703-390-1537

Investor Contact
Jane Underwood
Blue Coat Systems
[email protected]
408-541-3015

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

@ThingsExpo Stories
The IoTs will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform. In his session at @ThingsExpo, Craig Sproule, CEO of Metavine, will demonstrate how to move beyond today's coding paradigm and share the must-have mindsets for removing complexity from the development proc...
SYS-CON Events announced today TechTarget has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. TechTarget is the Web’s leading destination for serious technology buyers researching and making enterprise technology decisions. Its extensive global networ...
SYS-CON Events announced today that Commvault, a global leader in enterprise data protection and information management, has been named “Bronze Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Commvault is a leading provider of data protection and information management...
The essence of data analysis involves setting up data pipelines that consist of several operations that are chained together – starting from data collection, data quality checks, data integration, data analysis and data visualization (including the setting up of interaction paths in that visualization). In our opinion, the challenges stem from the technology diversity at each stage of the data pipeline as well as the lack of process around the analysis.
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, wh...
Designing IoT applications is complex, but deploying them in a scalable fashion is even more complex. A scalable, API first IaaS cloud is a good start, but in order to understand the various components specific to deploying IoT applications, one needs to understand the architecture of these applications and figure out how to scale these components independently. In his session at @ThingsExpo, Nara Rajagopalan is CEO of Accelerite, will discuss the fundamental architecture of IoT applications, ...
SYS-CON Events announced today that MangoApps will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. MangoApps provides modern company intranets and team collaboration software, allowing workers to stay connected and productive from anywhere in the world and from any device. For more information, please visit https://www.mangoapps.com/.
SYS-CON Events announced today that Tintri Inc., a leading producer of VM-aware storage (VAS) for virtualization and cloud environments, will exhibit at the 18th International CloudExpo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, New York, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events announced today that Alert Logic, Inc., the leading provider of Security-as-a-Service solutions for the cloud, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Alert Logic, Inc., provides Security-as-a-Service for on-premises, cloud, and hybrid infrastructures, delivering deep security insight and continuous protection for customers at a lower cost than traditional security solutions. Ful...
In his session at 18th Cloud Expo, Bruce Swann, Senior Product Marketing Manager at Adobe, will discuss how the Adobe Marketing Cloud can help marketers embrace opportunities for personalized, relevant and real-time customer engagement across offline (direct mail, point of sale, call center) and digital (email, website, SMS, mobile apps, social networks, connected objects). Bruce Swann has more than 15 years of experience working with digital marketing disciplines like web analytics, social med...
SYS-CON Events announced today Object Management Group® has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events announced today that EastBanc Technologies will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. EastBanc Technologies has been working at the frontier of technology since 1999. Today, the firm provides full-lifecycle software development delivering flexible technology solutions that seamlessly integrate with existing systems – whether on premise or cloud. EastBanc Technologies partners with p...
SYS-CON Events announced today that ContentMX, the marketing technology and services company with a singular mission to increase engagement and drive more conversations for enterprise, channel and SMB technology marketers, has been named “Sponsor & Exhibitor Lounge Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York City, New York. “CloudExpo is a great opportunity to start a conversation with new prospects, but what happens after the...
WebRTC is bringing significant change to the communications landscape that will bridge the worlds of web and telephony, making the Internet the new standard for communications. Cloud9 took the road less traveled and used WebRTC to create a downloadable enterprise-grade communications platform that is changing the communication dynamic in the financial sector. In his session at @ThingsExpo, Leo Papadopoulos, CTO of Cloud9, will discuss the importance of WebRTC and how it enables companies to fo...
The IoT is changing the way enterprises conduct business. In his session at @ThingsExpo, Eric Hoffman, Vice President at EastBanc Technologies, discuss how businesses can gain an edge over competitors by empowering consumers to take control through IoT. We'll cite examples such as a Washington, D.C.-based sports club that leveraged IoT and the cloud to develop a comprehensive booking system. He'll also highlight how IoT can revitalize and restore outdated business models, making them profitable...
Customer experience has become a competitive differentiator for companies, and it’s imperative that brands seamlessly connect the customer journey across all platforms. With the continued explosion of IoT, join us for a look at how to build a winning digital foundation in the connected era – today and in the future. In his session at @ThingsExpo, Chris Nguyen, Group Product Marketing Manager at Adobe, will discuss how to successfully leverage mobile, rapidly deploy content, capture real-time d...
What a difference a year makes. Organizations aren’t just talking about IoT possibilities, it is now baked into their core business strategy. With IoT, billions of devices generating data from different companies on different networks around the globe need to interact. From efficiency to better customer insights to completely new business models, IoT will turn traditional business models upside down. In the new customer-centric age, the key to success is delivering critical services and apps wit...
Join us at Cloud Expo | @ThingsExpo 2016 – June 7-9 at the Javits Center in New York City and November 1-3 at the Santa Clara Convention Center in Santa Clara, CA – and deliver your unique message in a way that is striking and unforgettable by taking advantage of SYS-CON's unmatched high-impact, result-driven event / media packages.
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, will provide an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life ...
SYS-CON Events announced today that BMC Software has been named "Siver Sponsor" of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2015 at the Javits Center in New York, New York. BMC is a global leader in innovative software solutions that help businesses transform into digital enterprises for the ultimate competitive advantage. BMC Digital Enterprise Management is a set of innovative IT solutions designed to make digital business fast, seamless, and optimized from mainframe to mo...