By Steven Fox, Founder of SecureLexicon

This is the first part of my Black Hat interview with Andrew D. Hayter, Anti-Malcode Program Manager for ICSA Labs.  In this installment, Mr. Hayter highlights the challenges businesses face in mitigating malware-related risks.

Malware is a serious business threat.

While I am certain that doubt lingers in the minds of some users, the recent Heartland Payment System (HPS) breach illustrates the related risks.

According to an Information Week January 2009 article, a keylogger was instrumental in compromising an organization that “handles 100 million transactions per month for more than 250,000 businesses.”

HPS is not alone.  According to the Verizon Business 2009 Data Breach Investigations report, malware “contributed to nearly one-third of data breaches.”

The report noted that malware distribution has evolved from “self-replicating emails and network worms … [to] emphasize stealth and smaller, more directed distribution.”

This signals a shift from annoyance attacks toward targeted infections designed to gather intelligence