Corporate security pros need to be on the lookout for malware designed to evade detection and also damage the operating systems of the machines it infects if detection efforts become too persistent, the report says. It uses Rombertik as an example of such malware because it performs pointless operations while it is in security sandboxes in an effort to wait out analysis or to delay discovery.
Rombertik attempts to overwrite master boot records and, if that fails, destroys all files in users’ home folders. If it goes undetected, it starts its primary function: stealing data typed into browsers. “It’s a solid bet other malware authors will not only appropriate Rombertik’s tactics but may make them even more destructive,” the report says.
Sandbox detection in malware is on the rise, making such malware harder for enterprises to discover.
The report says spam levels remain about the same and that coding errors continue to introduce exploitable flaws into software. “Vendors need to place more emphasis on security within the development lifecycle, or they will continue to spend time and money on catch-up efforts to detect, fix, and report vulnerabilities,” the report says.
Java-based exploits are on the decline, with no zero-day exploits being discovered since 2013. Improved patching and security improvements have made the difference, Cisco says.