Endpoints still vulnerable despite advances in protection technology
Although endpoint security solutions have improved, a new survey of IT security professionals finds that three quarters believe their existing anti-malware solutions would be able to prevent no more than 70 percent of infections.
The study from anti-evasion specialist Minerva Labs shows nearly half of the respondents surveyed (48 percent) say that they have seen about the same number of malware infections than previous years while 32 percent claim to have seen an increase in infections.
The malware evasion techniques that pose the biggest concern are avoidance of malware analysis and forensic tools (32 percent) followed by fileless or memory injection attacks (24 percent). Attacks that use malicious documents also raise concerns (24 percent). Also, the survey finds that over half of respondents (53 percent) prefer adding a meaningful layer to their endpoint security stack instead of completely replacing their existing AV.
Nearly 39 percent of IT leaders say that besides security benefits, the other operational aspects they find most important when adding a security layer on the endpoint is the ability for it to work even on low-resource systems. 28 percent see easy deployment and upgrades across multiple endpoints as important while 18 percent value the ability to not interfere with current business applications.
"The results from our survey indicate that while malware threats are still growing, endpoints remain highly vulnerable to a cyber-attack," says Eddy Bobritsky, co-founder and CEO of Minerva Labs. "We continue to see more complex and sophisticated threats, where traditional blocking and prevention mechanisms, such as antivirus, are no longer enough to keep endpoints safe. Beyond merely relying on baseline anti-malware solutions to protect endpoints, companies should strengthen their endpoint security architecture to get ahead of adversaries, such as blocking off attempts to get around existing security tools."
With the increase in ransomware and other malware threats, the time it takes to remediate these attacks is crucial. The good news is that 41 percent of respondents say that when faced with a compromised endpoint it is restored to a normal state within hours. However, there is still some room for improvement, as more than 40 percent say it takes days or weeks to return to a normal state.
You can find out more about the study on the Minerva Labs website.