According to a report by the Ponemon Institute, the malware issue in the enterprise sector is mostly due to browser insecurity issue. The study revealed that insecure web browsers caused 55 percent of malware infections on average last year and most of the respondents stated that their security tools aren’t capable of detecting malware coming through this source.
The findings inform that the average cost of responding and mitigating just a single security breach which is a result of malware detection technology failure is said to be around $62,000 per breach. The source surveyed 645 IT security practitioners directly involved in their organization’s efforts to detect and contain malware threats at US firms with an average of above 14,000 employees.
“The findings of this research reveal that current solutions are not stopping the growth of web-borne malware,” stated founder and chairman of Ponemon Institute Dr. Larry Ponemon. “Almost all IT practitioners in our study agree that their existing security tools are not capable of completely detecting web-borne malware and the insecure web browser is a primary attack vector. Further, the findings are evidence of the need for a more effective solution to stop web-borne malware.”
69 percent of security and IT professionals believe that browser-borne malware is a greater threat today than it was a year ago, and is more serious than other forms of malware infections. This places them in a difficult situation, as most of the current security solutions incorporated within organizations are unable to address the problem and are letting malware through. Even content analysis and sandboxes were reported by 38 percent to be ineffective at detecting malware coming via web-browsers.
The report indicates that several organizations are still struggling in combating malware risks. There’s also the problem of inertia at the basic level. Around 65 percent of IT pros reported that psychological dependency upon old methods of detection keeps their firms backed by traditional defense methods, which are seemingly ineffective.
To a certain extent, many organizations are dependent on the progress of major security vendors backing browsers. Still yet, many respondents say that web malware prevention is a low priority. The report informed that the IT security budget for the annual year is $7.8 million, and 39 percent of the budget is spent on defense-and-depth security software and tools such as anti-virus, IPS, web gateways, which have come off as ineffective.
The report found that an average of 33 percent total security budget was allocated by organizations to stop web-borne attacks by 50 percent. To stop the attacks by 100 percent, they would have to assign 50 percent of the budget.
“Every time you allow unknown code into your network, you put yourself and your business at risk. This is why browser isolation outside the network is so important. It is the only way to prevent this problem.”
What can organizations do?
Bug bounty rewards given by companies has benefited browsers such as Google Chrome. In 2014, half of the bugs pertaining to this browser were discovered in the beta versions of these browsers by independent researchers. But apart from these developments, what can organizations do on their own to make sure they have something in place to detect the malware if their antivirus fails?
Massive’s malicious hosts and IP feed provides a dataset that includes the domain, URL information and IP address of the malware hashes responsible for infecting systems. These feeds are updated hourly and the information is provided in XML format. Such feeds in place can detect compromise of accounts, devices and networks, regardless the source of the malware.
With such implementations, organizations can reduce damages pertaining to web-borne malware.