blended threat

A blended threat is an exploit that combines elements of multiple types of malware and perhaps takes multiple attack vectors to increase the severity of damage and the speed of contagion.  

A blended threat is an exploit that combines elements of multiple types of malware and usually employs multiple attack vectors to increase the severity of damage and the speed of contagion.  Nimda, CodeRed, Bugbear and Conficker are a few well-known examples. Although they may be identified as viruses, worms or Trojan horses, most current exploits are blended threats.

A blended threat typically includes:

  • More than one means of propagation -- for example, sending an email with a hybrid virus/worm that will self-replicate and also infect a Web server so that contagion will spread through all visitors to a particular site.
  • Exploitation of vulnerabilities which may be preexisting or may be caused by malware distributed as part of the attack.
  • The intent to cause real harm, for example, by launching a denial of service (DOS) attack against a target or delivering a Trojan horse that will be activated at some later date.
  • Automation that enables increasing contagion without requiring any user action.

To guard against blended threats, experts urge network administrators to be vigilant about patch management, use and maintain good firewall products, employ server software to detect malware, and educate users about proper e-mail handling and online behavior.

 

See also: application whitelisting, application blacklisting, malvertisement, botnet, integrated threat management

This was first published in September 2005

Continue Reading About blended threat

Dig deeper on Malware, Viruses, Trojans and Spyware

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close