Click here to close now.



Welcome!

Cloud Security Authors: Peter Galvin, Sanjay Zalavadia, Elizabeth White, Liz McMillan, Stefano Stabellini

News Feed Item

Blue Coat Examines Malware Ecosystems in 2011 Mid-Year Web Security Report

Report Identifies 10 Largest Malware Delivery Networks and Traces User Entry Points Into the Networks

SUNNYVALE, CA -- (Marketwire) -- 07/06/11 -- Blue Coat Systems, Inc. (NASDAQ: BCSI), a leading provider of Web security and WAN optimization solutions, today released its 2011 Mid-Year Web Security Report, which examines Web-based malware ecosystems, including the 10 largest malware delivery networks. These malware delivery networks are typically hosted across multiple sites and are responsible for launching dynamic attacks on unsuspecting users. The report examines the interactions of malware ecosystems, including user behavior, malware hosting sites and delivery networks.

"Web-based malware has become so dynamic that it is nearly impossible to protect every user from every new attack with traditional defenses," said Steve Daheb, chief marketing officer and senior vice president at Blue Coat Systems. "With a unique comprehensive view of the Web ecosystem, Blue Coat Web security solutions can identify and track malware networks to proactively protect customers from new attacks that these networks attempt to launch."

For the first half of 2011, Shnakule was the leading malware delivery network, both by size and effectiveness. On average during that period, this network had 2,000 unique host names per day with a peak of more than 4,300 per day. It also proved the most adept at luring users in, with an average of more than 21,000 requests and as many as 51,000 requests in a single day. Shnakule is a broad-based malware delivery network whose malicious activities include drive-by downloads, fake anti-virus and codecs, fake flash and Firefox updates, fake warez, and botnet/command and controls. Interrelated activities include pornography, gambling, pharmaceuticals, link farming, and work-at-home scams.

Not only is Shnakule far reaching as a standalone malware delivery network, it also contains many large component malware delivery networks. Ishabor, Kulerib, Rabricote and Albircpana, which all appear on the top 10 list of largest malware delivery networks, are actually components of Shnakule and extend its malicious activities to gambling-themed malware and suspicious link farming.

The 2011 Mid-Year Web Security Report also analyzes how and where on the Internet users are brought into malware delivery networks. In the first half of 2011, search engine poisoning was the most popular malware vector. In nearly 40 percent of all malware incidents, Search Engines/Portals were the entry point into malware delivery networks. Unsurprisingly, Search Engines/Portals were also the most requested Web content during the same time period. Social Networking was the fifth most popular entry point into malware delivery networks and the third most requested content.

While cybercrime typically targets users where they spend the most time, as in the case of search engines and social networking, in the first half of 2011, they also used traditional methods, such as email and pornography. Email was the third most popular category of Web content used to drive users to a malware network although the category only ranked as the 17th most requested category. Pornography, a longtime favorite malware target, was virtually tied with Email and was the 4th most popular way to lure users to malware, although it was only the 20th most requested category.

After analyzing the dynamic and interrelated nature of Web-based malware ecosystems, the 2011 Mid-Year Web Security Report concludes that:

  • Malware hosting is often found within categories, such as Online Storage and Software Downloads, that companies typically allow in acceptable use policies.
  • Businesses should consistently block Pornography, Placeholders, Phishing, Hacking, Online Games and Illegal/Questionable categories to follow best practices for Web security.
  • Searching for images and pirated media ranks at the top of the list for possible malware delivery, and users engaging in these activities are especially vulnerable.
  • A single defense layer, such as a firewall or anti-virus software, is insufficient to protect against the dynamic nature of malware and the extensive infrastructure of malware delivery networks. Instead, businesses need the real-time protection and intelligence that a cloud-based Web defense can deliver as it quickly expands and adapts to new threats.

The data in the report is derived from the Blue Coat WebPulse™ collaborative cloud defense and analyzed by the Blue Coat Security Labs. WebPulse unites over 75 million users in a real-time web defense and provides a comprehensive view into Web ecosystems by rating and analyzing nearly 3 billion real-time URL requests per week. With its view into the Web, WebPulse can correlate dynamic lures with delivery paths and dynamic payloads to provide real-time protection against new and emerging threats.

WebPulse provides on-demand intelligence for the Blue Coat Web Security product portfolio, including its Secure Web Gateway solution and the Blue Coat Cloud Service. WebPulse uniquely protects against malware downloads, phishing and spear-phishing attacks, and malicious call-home traffic from botnet infected systems.

Additional Resources
2011 Mid-Year Web Security Report
http://www.bluecoat.com/doc/16622

Images: Top Five Malware Delivery Networks
http://www.flickr.com/photos/bluecoatsystems/sets/72157627000077603/

About Blue Coat Systems
Blue Coat Systems is a leading provider of Web security and WAN optimization solutions. Blue Coat offers solutions that provide the visibility, acceleration and security required to optimize and secure the flow of information to any user, on any network, anywhere. This application intelligence enables enterprises to tightly align network investments with business requirements, speed decision making and secure business applications for long-term competitive advantage. Blue Coat also offers service provider solutions for managed security and WAN optimization, as well as carrier-grade caching solutions to save on bandwidth and enhance the end-user Web experience. For additional information, please visit www.bluecoat.com.

Blue Coat, WebPulse and the Blue Coat logo are registered trademarks or trademarks of Blue Coat Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document are the property of their respective owners.

Add to Digg Bookmark with del.icio.us Add to Newsvine

Media Contacts
Jennifer Arculeo Ruzicka
Blue Coat Systems
[email protected]
408-541-3330

Danielle Ostrovsky
Merritt Group
[email protected]
703-390-1537

Investor Contact
Jane Underwood
Blue Coat Systems
[email protected]
408-541-3015

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

@ThingsExpo Stories
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life sett...
There are several IoTs: the Industrial Internet, Consumer Wearables, Wearables and Healthcare, Supply Chains, and the movement toward Smart Grids, Cities, Regions, and Nations. There are competing communications standards every step of the way, a bewildering array of sensors and devices, and an entire world of competing data analytics platforms. To some this appears to be chaos. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, Bradley Holt, Developer Advocate a...
Cognitive Computing is becoming the foundation for a new generation of solutions that have the potential to transform business. Unlike traditional approaches to building solutions, a cognitive computing approach allows the data to help determine the way applications are designed. This contrasts with conventional software development that begins with defining logic based on the current way a business operates. In her session at 18th Cloud Expo, Judith S. Hurwitz, President and CEO of Hurwitz & ...
In his general session at 18th Cloud Expo, Lee Atchison, Principal Cloud Architect and Advocate at New Relic, discussed cloud as a ‘better data center’ and how it adds new capacity (faster) and improves application availability (redundancy). The cloud is a ‘Dynamic Tool for Dynamic Apps’ and resource allocation is an integral part of your application architecture, so use only the resources you need and allocate /de-allocate resources on the fly.
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, wh...
19th Cloud Expo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterpri...
SYS-CON Events announced today that Bsquare has been named “Silver Sponsor” of SYS-CON's @ThingsExpo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. For more than two decades, Bsquare has helped its customers extract business value from a broad array of physical assets by making them intelligent, connecting them, and using the data they generate to optimize business processes.
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices - comp...
There is little doubt that Big Data solutions will have an increasing role in the Enterprise IT mainstream over time. Big Data at Cloud Expo - to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA - has announced its Call for Papers is open. Cloud computing is being adopted in one form or another by 94% of enterprises today. Tens of billions of new devices are being connected to The Internet of Things. And Big Data is driving this bus. An exponential increase is...
Machine Learning helps make complex systems more efficient. By applying advanced Machine Learning techniques such as Cognitive Fingerprinting, wind project operators can utilize these tools to learn from collected data, detect regular patterns, and optimize their own operations. In his session at 18th Cloud Expo, Stuart Gillen, Director of Business Development at SparkCognition, discussed how research has demonstrated the value of Machine Learning in delivering next generation analytics to imp...
The 19th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportuni...
Cloud computing is being adopted in one form or another by 94% of enterprises today. Tens of billions of new devices are being connected to The Internet of Things. And Big Data is driving this bus. An exponential increase is expected in the amount of information being processed, managed, analyzed, and acted upon by enterprise IT. This amazing is not part of some distant future - it is happening today. One report shows a 650% increase in enterprise data by 2020. Other estimates are even higher....
The cloud market growth today is largely in public clouds. While there is a lot of spend in IT departments in virtualization, these aren’t yet translating into a true “cloud” experience within the enterprise. What is stopping the growth of the “private cloud” market? In his general session at 18th Cloud Expo, Nara Rajagopalan, CEO of Accelerite, explored the challenges in deploying, managing, and getting adoption for a private cloud within an enterprise. What are the key differences between wh...
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo Silicon Valley Call for Papers is now open.
It is one thing to build single industrial IoT applications, but what will it take to build the Smart Cities and truly society changing applications of the future? The technology won’t be the problem, it will be the number of parties that need to work together and be aligned in their motivation to succeed. In his Day 2 Keynote at @ThingsExpo, Henrik Kenani Dahlgren, Portfolio Marketing Manager at Ericsson, discussed how to plan to cooperate, partner, and form lasting all-star teams to change t...
Connected devices and the industrial internet are growing exponentially every year with Cisco expecting 50 billion devices to be in operation by 2020. In this period of growth, location-based insights are becoming invaluable to many businesses as they adopt new connected technologies. Knowing when and where these devices connect from is critical for a number of scenarios in supply chain management, disaster management, emergency response, M2M, location marketing and more. In his session at @Th...
SYS-CON Events announced today that ReadyTalk, a leading provider of online conferencing and webinar services, has been named Vendor Presentation Sponsor at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. ReadyTalk delivers audio and web conferencing services that inspire collaboration and enable the Future of Work for today’s increasingly digital and mobile workforce. By combining intuitive, innovative tec...
Amazon has gradually rolled out parts of its IoT offerings, but these are just the tip of the iceberg. In addition to optimizing their backend AWS offerings, Amazon is laying the ground work to be a major force in IoT - especially in the connected home and office. In his session at @ThingsExpo, Chris Kocher, founder and managing director of Grey Heron, explained how Amazon is extending its reach to become a major force in IoT by building on its dominant cloud IoT platform, its Dash Button strat...
industrial company for a multi-year contract initially valued at over $4.0 million. In addition to DataV software, Bsquare will also provide comprehensive systems integration, support and maintenance services. DataV leverages advanced data analytics, predictive reasoning, data-driven diagnostics, and automated orchestration of remediation actions in order to improve asset uptime while reducing service and warranty costs.
Vidyo, Inc., has joined the Alliance for Open Media. The Alliance for Open Media is a non-profit organization working to define and develop media technologies that address the need for an open standard for video compression and delivery over the web. As a member of the Alliance, Vidyo will collaborate with industry leaders in pursuit of an open and royalty-free AOMedia Video codec, AV1. Vidyo’s contributions to the organization will bring to bear its long history of expertise in codec technolo...