It is that time of year again; time for the annual iDefense Cyber Threats and Trends Report. The guys in the back room just finished putting the final touches on this year’s comprehensive report for customers and have the live copy under some pretty tight security. You are in luck though. I was able to call in some favors to get a sneak peek. This year’s report is a doozy. Let me attempt to dazzle you with 3 highlights. We are calling these things Key Findings and there 8 of them in the final report.
- Key Finding #1: The inadvertent leak of the Zeus source code in 2011 effectively converted the Zeus banking Trojan from a proprietary, pay-per-use crime kit into an open-source crime kit; sort of like LINUX for malware authors. The source code quickly spread across the Internet via underground websites and file-sharing sites giving malware authors across the globe access to a powerful and well-written malware platform. Expect to see a bounty of Zeus infections in 2012.
- Key Finding #2: Cyber criminals are starting to shift to a business model known as Malware-as-a-Service (MaaS), cleverly riffing off the common cloud computing vernacular: Infrastructure as a Service – IaaS, Software as a Service – SaaS and Platform as a Service – PaaS. With MaaS, malware authors of exploit kits offer extra services to customers in addition to the exploit kit itself. They are adding value to their products to distinguish themselves in a crowded market place. As the general manager of iDefense, I could learn a thing or two about how to run a business from these guys.
- Key Finding #3: The deployment of sandbox technology to common application platforms like browsers and word processors has made exploiting vulnerabilities significantly more difficult. As of today, only two public demonstrations of bypassing sandboxes exist in environments that use and support defense-in-depth strategies such as Address Layout Randomization (ASLR) and Data Execution Prevention (DEP). None of the public demonstrations included any public exploit code; however, the catch is that you have to have all 3 of these technologies in place for complete protection. If you have not rolled them out in your enterprise yet, I suggest that you consider doing so.
We recently released our comprehensive 73-page report to iDefense customers and will release an abbreviated public version sometime in January. Stay tuned!
Until then, chek out last year's Cyber Threats and Trends Report to see how we fared with our predictions.