Over the last decade, malicious software has become a pervasive problem for Internet users as many networked resources include vulnerabilities that are subject to attack. For instance, over the past few years, an increasing number of vulnerabilities are being discovered in software that is loaded onto network devices, such as vulnerabilities within operating systems, for example. While some vulnerabilities continue to be addressed through software patches, prior to the release of such software patches, network devices will continue to be targeted for attack by malware, namely information such as computer code that attempts during execution to take advantage of a vulnerability in computer software by acquiring sensitive information or adversely influencing or attacking normal operations of the network device or the entire enterprise network.
Moreover, with the proliferation of the Internet, social media, and email, malware is capable of spreading more quickly and effecting a larger subset of the population than ever before. In response, systems have been developed to remove and/or quarantine malware. For example, users are generally informed to “scan” their various devices and/or systems using traditional security measures such as “anti-virus” software that is configured to remove any malware that may have been installed therein. Unfortunately, users are at the mercy of the most recent update of their anti-virus software, which may or may not include information to prevent possible malware exploits.
Furthermore, modern malware is becoming increasingly targeted, such that particular users, industries, or even specific segments are being sought, thereby circumventing even the most recently updated and detailed security measures that are usually generic in nature. The issue is further exacerbated because malware is also becoming increasingly sophisticated, to the point that such malware may go undetected by anti-virus software, or go so far as circumventing anti-virus measures altogether.
Accordingly, a need exists for an early warning system that is preventative, rather than reactive after the fact, to predict potential malware attacks prior to their occurrence, and notify targets that have a high probability of being attacked.