Diving into Cyber Threat Intelligence

Of those who indicated sharing cyber threat and attack information in the March 2016 McAfee Labs Threats Report, 97% reported seeing value in doing do.

Unfortunately, while most agree that there is value in sharing information, the reasons companies give for not sharing information about cyber threats is revealing.

The key reasons why information about attacks is not shared were found to be:

Along with these concerns are ongoing investigations that prevent the sharing of information, since investigators are in pursuit of tracking down and catching the bad guys. Then there are concerns over legality and liability.

The report also observes a second key growing concern about the Adwind remote administration tool (RAT), which is a Java-based backdoor Trojan targeting various platforms supporting Java files. Adwind is propagated through spam campaigns that employ malware-laden email attachments, compromised webpages, and drive-by downloads.

The prevention methods suggested by McAfee Labs to combat .jar malware such as Adwind include the following:

All of the above recommendations involve human behavior, and changing behavior isn't always easy. Even keeping IT staff to the standard of patching and updating won't solve the security issues because users still continue to click away unknowingly. Some IT folks will even avoid patch and change initiatives in hopes of temporary stability.

Follow Matt Brunk on Twitter and Google+!
Matt Brunk on Google+