An increasingly elusive and sophisticated class of online attack kits is posing a far greater threat to enterprises than most realise, according to researchers with HP.
Jason Jones, an ASI team lead for HP's DV Labs security division, told V3 that exploit tools, such as the Blackhole platform, are becoming harder to track and detect for security researchers and anti-malware vendors.
In some cases, researchers are finding attacks capable of infecting as much as 80 per cent of the systems targeted.
"They are able to hide the exploit code from detection while its passing over the wire," Jones explained.
Further complicating matters, said Jones, was the growing complexity and sophistication of the malware market. As cybercriminals invest more money in attack kits, the malware developers are able to provide improved management and support systems, such as regular software updates, analytics and web management portals.
The growth is occurring at a time when many firms are preoccupied with the growth in advanced persistent threat (APT) attacks. With incidents such as the Shady RAT and Flame outbreaks dominating headlines,
Jones believes that by fixating on APTs and zero-day attacks, many firms are leaving themselves open to infections from the far more prevalent crop of web-based exploit kits.
IT chiefs often worry about the threat of so-called zero-day attacks but forget to install patches for known vulnerabilities, leaving them at far greater risk of attack, he said.
"Making sure you are patched first and then worrying about the unknown would be a better mindset."
Microsoft claims Check Point's methodology is all wrong - figure more like five million, not 250 million
Microsoft's explanation still raises as many questions as it answers
Wikileaks dumps info on 'Brutal Kangeroo', the CIA's malware toolkit for hacking 'air-gapped' networks
CIA's Brutal Kangeroo malware suite likened to Stuxnet
Commuters less than chuffed - many fined for not having a ticket