Thursday, October 23, 2008

2 Things of note about Attackers and How their Minds Work


1. How does the user’s mind work?

2. How does the security mind work?

Answer these questions and you have an insight into how the attacker’s mind works, and where attackers are headed.

1. I am the customer.

I love celebrities. Love is not far off the mark. Come Independence Day, Christmas, elections, storms off the Pacific or just about any day of significance, I am likely to click a lot more links related to the occasion. And let’s not forget doomsday announcements. I can’t keep my finger off “The World’s coming to an End” links. And then there are gruesome videos. That’s human psychology at its best. And that’s just what attackers are preying on.

Come morning, I am out to protect myself against threats. It’s ironic, though, that just when I am trying to up my defenses, they are down. I am likely to click a link in an “authentic” mail that asks me to do so to download the latest, most secure-to-date version. And what is more ubiquitous than Microsoft and its IE7? Well, attacks lurked right around these protective download corners.

2. I am the security solution.

I don’t want too many false positives. But zombies and botnets drop their IP addresses within a day of birth (about 55% die within a day; for Germany and China, it’s 79% and 78%) and take on legitimate sources, content, sites and URLs to bypass me, so I could be in trouble. Because if I depend on the source IP address to judge whether a mail is spam or not, I am more likely than not to be off the mark. All this and more is in the Q3 2008 Email Threat Report released by Commtouch.

So what’s the learning?

If you don’t have a content filtering and anti-virus or anti-malware solution working with the anti-spam, your network is functioning without the second and third levels of protection.

Think of the worst possible loophole of your users and your security solutions: that’s where attackers will strike. Remember Murphy’s Law: whatever can go wrong, will go wrong. If you sit tight, hoping the loophole is going to go away on its own, it won’t. Watch your users, understand their patterns and their thinking, and educate them; that reduces your gaps by well over a half. For the other half, deploy unified security, that is, Unified Threat Management, to give your network multiple layers of protection against blended threats.

And one last point. CAPTCHAs aren’t a deterrent anymore. Webmail accounts are now easy to create by the automated route, and as fast as you shifted a load of them into junk, many times more were created last quarter.

Click here to download the full Q3 2008 Email Threat Report.
