Perhaps firewalls can help to prevent leakage
It seems to be the fate of the unsuspecting user that it always is hunting season for him, and there is little hope this will improve soon, even Microsoft would have a hard time fighting organizations with so much resources, in the case they were willing to do so.
Increasing complexity may help. Perhaps firewalls should copy email spam filter techniques by consulting databases with white listed websites and ip addresses. The PDF from Kaspersky showed that this malware makes extensive use of C&C systems. By combining black and white listed ip addresses, the user would not be protected against the malware itself, but could do an attempt to prevent it leaking information to the internet. These databases could, like SPAMHOUSE, collect information about general surfing behavior, and warn when strange addresses are visited.
Biting the hand that feeds IT
