Defending networks against rapidly evolving threats

Malicious threats such as viruses and spam campaigns now evolve rapidly, often using a combination of methods to spread. Typically, when a new malware threat or spam campaign appears, security vendors react by quickly creating specific virus detection algorithms and new anti-spam updates which detect and counter the threat. In response, virus writers release new viruses as frequently as possible, often distributing multiple strains of the same threat in a short space of time, in order to increase the chances of survival of their creations. Similarly, spammers use a variety of tricks to circumvent specific anti-spam technologies and rapidly adapt their campaigns to beat the filters.

In this continuously evolving threat environment, financial motivation has driven virus writers and spammers to join forces to produce campaigns that coordinate virus, spam, phishing, and spyware attacks. The random vandalism of earlier generations has been replaced by more purposeful criminal activity, with a shift in emphasis away from ‘traditional’ viruses towards threats designed to steal money, information, or both. Trojans and other spyware such as keyloggers now form the majority of new threats analyzed by SophosLabs - a global network of threat analysis centers.