An increasingly elusive and sophisticated class of online attack kits is posing a far greater threat to enterprises than most realise, according to researchers with HP.
Jason Jones, an ASI team lead for HP's DV Labs security division, told V3 that exploit tools, such as the Blackhole platform, are becoming harder to track and detect for security researchers and anti-malware vendors.
In some cases, researchers are finding attacks capable of infecting as much as 80 per cent of the systems targeted.
"They are able to hide the exploit code from detection while its passing over the wire," Jones explained.
Further complicating matters, said Jones, was the growing complexity and sophistication of the malware market. As cybercriminals invest more money in attack kits, the malware developers are able to provide improved management and support systems, such as regular software updates, analytics and web management portals.
The growth is occurring at a time when many firms are preoccupied with the growth in advanced persistent threat (APT) attacks. With incidents such as the Shady RAT and Flame outbreaks dominating headlines,
Jones believes that by fixating on APTs and zero-day attacks, many firms are leaving themselves open to infections from the far more prevalent crop of web-based exploit kits.
IT chiefs often worry about the threat of so-called zero-day attacks but forget to install patches for known vulnerabilities, leaving them at far greater risk of attack, he said.
"Making sure you are patched first and then worrying about the unknown would be a better mindset."
Darktrace pushes machine learning to take some of the pressure off of IT and security teams
Google also gets its hands on HTC's IP in a non-exclusive deal
Microsoft, Google and Samsung all targeted as Avast admits to the scale of the CCleaner compromise
Not all loose ends tied yet, admits Bain backer SK Hynix