Zeus and the new wave of sophisticated threats

I find myself increasingly fascinated by the sophistication of the malware threat. From my perspective as a network systems administrator and a security consultant, malware was before considered a nuisance merely impacting PC performance.

Zeus appears to be a sea change in the story of malware. No longer are the users only affecting themselves(their own PCs performance) when they surf irresponsibly and contract a malware infection. Authentication credentials and thus financial and corporate secrets are at risk from only one infection in an environment. And it is now clear that variants like Zeus are being used by organized criminals to compile complex profiles on their victims in preparation for the real attack.

What are you all doing on the network administration side to mitigate these threats? We employ firewalls, proxies, script blockers and machine scans, all at very reasonable low cost. Are these countermeasures enough to combat these sophisticated attacks?

Tags: , , , , , , , ,

If you enjoyed this article, get new ones by email (it's free).

Email:

You can unsubscribe anytime and we will never share or sell your email address.



4 Responses to “Zeus and the new wave of sophisticated threats”

  1. William A. on 21. Oct, 2010

    Nothing will be enough to combat emerging threats. As the ‘good guys’ we will always be playing a game of catch up. The best we can hope for is to employ safeguards and mitigate the damage done.

    As for our measures, we employ firewall antivirus/antimalware, smtp/pop3 scanning, traffic monitoring, url blacklisting, IDS/IDRS as well as desktop/server antivirus/antimalware and firewall.

  2. tim m. on 29. Oct, 2010

    We employ the latest 5th gen solutions that provide:
    -anti-virus
    -anti-spyware
    -intrusion prevention
    -application firewall

    with the latest application visualization, I can look into the https stream and decrypt the stream to see exactly what is in there

    By segmenting the LAN, (Marketing, admin, manufacture) I can apply all these same features between departments, so if the marketing guys get a virus on their laptop and bring it inside, admin is still protected!

  3. uttam k. on 30. Oct, 2010

    Hi,

    I am agree with William, none of the solution can protecting against new
    emerging threats. In fact,100% security is not at all possible. With multi
    layered security architecture we can reduce the security risk.

  4. mike n. on 11. May, 2011

    I have to agree. All the security in the world does not work when an administrator brings in a jump drive with their downloaded songs to play at their computer.

    Or surfs coupons like the few I am working with now.

    We continue to get better at taking care of the problems but there seems to only be one real way to stay safe. Unplug

    Mike N

Leave a Reply to uttam k.