An increasingly elusive and sophisticated class of online attack kits is posing a far greater threat to enterprises than most realise, according to researchers with HP.
Jason Jones, an ASI team lead for HP's DV Labs security division, told V3 that exploit tools, such as the Blackhole platform, are becoming harder to track and detect for security researchers and anti-malware vendors.
In some cases, researchers are finding attacks capable of infecting as much as 80 per cent of the systems targeted.
"They are able to hide the exploit code from detection while it's passing over the wire," Jones explained.
Further complicating matters, said Jones, was the growing complexity and sophistication of the malware market. As cybercriminals invest more money in attack kits, the malware developers are able to provide improved management and support systems, such as regular software updates, analytics and web management portals.
The growth is occurring at a time when many firms are preoccupied with the growth in advanced persistent threat (APT) attacks. With incidents such as the Shady RAT and Flame outbreaks dominating headlines, Jones believes that by fixating on APTs and zero-day attacks, many firms are leaving themselves open to infections from the far more prevalent crop of web-based exploit kits.
IT chiefs often worry about the threat of so-called zero-day attacks but forget to install patches for known vulnerabilities, leaving them at far greater risk of attack, he said.
"Making sure you are patched first and then worrying about the unknown would be a better mindset."