This article can also be found in the Premium Editorial Download "Information Security magazine: Comparing five of the top network-based inline IPS appliances."
Staying on top of the latest e-mail threats.
You are trekking through very rough terrain. Spammers and virus writers are blending mass-mailing spamming techniques to distribute malware, whose impact is more destructive than ever before. To combat this trend, we've compiled a comprehensive guide for managers grappling with these issues. We've outlined the e-mail security landscape and the latest threats, gathered solutions from users, and compiled a guide of the latest product offerings. What's more, we've given you practical tips on some of the most common and vexing problems to help you navigate the rocky e-mail security landscape.
Brett McKeachnie is fighting an uphill battle against e-mail-borne threats. He's deployed all the usual weapons--blacklists, antispam scanners and signature-based antivirus engines--but he still doesn't feel he is keeping pace with the bad guys.
"It's as bad as I've ever seen it," says McKeachnie, director of infrastructure operations at Utah Valley State College (UVSC). In early 2004, McKeachnie noticed that antivirus software makers were consistently starting to release two or three signature updates each day. "We thought that, if [AV vendors are] putting stuff out that quickly, there's got to be a lot of things that are getting by during the time when these companies identify a virus and publish the signatures."
[Sidebar: Policy checklist for preventing e-mail-borne blended attacks]
McKeachnie isn't paranoid; he's typical of thousands of IT and security pros who try to counter escalating threats posed by e-mail.
Short-span and Blended Attacks
Research consistently shows that spam constitutes 70 percent or more of all e-mail communications. To make matters worse, the tactics used by virus writers and spammers are becoming more sophisticated. To avoid detection by antivirus software, malware writers are blending mass-mail spamming techniques to distribute viruses, worms and Trojans, and to lure users to malicious Web sites. These so-called short-span attacks leverage vast networks of infected computers to distribute viruses within hours by seeding malware to thousands of computers instantaneously.
A handful of these short-span virus attacks, including Goldun.BA and Beagle.BQ, were completed in less than seven hours, according to research compiled by antivirus software maker Commtouch in June. Such attacks strain the ability of antivirus software makers to create and distribute antivirus signatures fast enough to squash the outbreak. Another tactic: Virus writers use the serial variant, in which a new version of the worm or virus is released each day in an attempt to outrun the ability of antivirus vendors to create signatures.
According to Symantec Corp.'s latest Internet Security Threat Report, this could explain why the number of virus variants targeting Windows reached 10,866 through June, up 142 percent over the first half of last year.
This was first published in October 2005