At one end of the scale, the blended attack is defined as a piece of malicious code using a variety of delivery methods to infect systems.
About halfway along the scale, a blended attack is defined as a combination of different malware or virtual attacks, used together to attain a target. And at the other end of the scale, the blended attack “gets real” in the sense that it not only has virtual components, but can be combined with physical attacks as well.
Each case needs to be assessed for the potential impact on your organisation.
Examples may help to explain. The single piece of malware delivered via multiple channels might be a virus that infects computers both through phishing emails with links to bad webpages that download the virus, and through a cross-site scripting (XSS) attack in which a normally reputable website is itself infected and then causes visitors to download the virus.
In the second case, a combination of virtual attacks might be a distributed denial-of-service (DDoS) attack serving as a smokescreen for an injection attack on a system database (such as SQL injection) or operating system.
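For defenders, the smokescreen case means injection-like requests must still be surfaced while a flood is in progress. The following is an added example, not part of the original article: it flags minutes whose request volume far exceeds the median and reports injection-like requests inside those windows. The log format, the threshold factor, the regex heuristic and the sample data are all assumptions constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime, timedelta
from statistics import median
from urllib.parse import unquote_plus

# Heuristic only (assumption): textbook injection markers, matched after URL-decoding.
SQLI = re.compile(r"('|\")\s*or\s+.+=|union\s+select|;\s*drop\s+table|--\s*$", re.I)
LINE = re.compile(r"^(\S+) (\S+) (\S+) (\d{3})$")  # constructed format: ts ip url status

def minute(ts):
    return ts.replace(second=0, microsecond=0)

def parse(lines):
    for line in lines:
        m = LINE.match(line)
        if m:
            ts, ip, url, status = m.groups()
            yield datetime.fromisoformat(ts), ip, unquote_plus(url), int(status)

def flood_minutes(events, factor=5):
    """Minutes whose request count exceeds factor x the median per-minute count."""
    per_min = Counter(minute(ts) for ts, *_ in events)
    base = median(per_min.values())
    return {m for m, n in per_min.items() if n > factor * base}

def hidden_injections(lines, factor=5):
    """Injection-like requests that arrived inside a flood window."""
    events = list(parse(lines))
    floods = flood_minutes(events, factor)
    return [(ts, ip, url) for ts, ip, url, _ in events
            if minute(ts) in floods and SQLI.search(url)]

def sample_log():
    """Constructed sample: 5 quiet minutes, then a flood minute hiding one injection attempt."""
    t0 = datetime(2024, 1, 1, 12, 0, 0)
    lines = [f"{(t0 + timedelta(minutes=m, seconds=s * 10)).isoformat()} 198.51.100.7 /index.html 200"
             for m in range(5) for s in range(4)]
    flood = t0 + timedelta(minutes=5)
    lines += [f"{(flood + timedelta(milliseconds=200 * i)).isoformat()} 203.0.113.{i % 250} /index.html 503"
              for i in range(250)]
    lines.append(f"{(flood + timedelta(seconds=30)).isoformat()} 192.0.2.44 "
                 "/item?id=1%27%20OR%20%271%27%3D%271 200")
    return lines

if __name__ == "__main__":
    for ts, ip, url in hidden_injections(sample_log()):
        print(ts.isoformat(), ip, url)
```

In practice the same correlation would run over real web and database logs, with the flood window taken from the DDoS mitigation service's alerts rather than inferred from volume alone.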
The third case, using the blending of virtual and real attack vectors, may become more prevalent as the Internet of Things (IoT) and specifically the Industrial Internet of Things (IIoT) grow.
Malware infections can cause devices or machines to malfunction, such as power grids cutting out or vehicles accelerating outside the driver’s control.
One of the key messages here is that virtual security and physical security can no longer be considered separately.
Whether in the consumer or the business context, developers and organisations will increasingly need to guard against the possibility of blended attacks at any point along the scale from the solitary malware to the full-blown combination of multiple virtual and physical threats.