Beware The Latest Malware

Uploaded on 2020-05-15 in TECHNOLOGY--Hackers, FREE TO VIEW

Malware is one of the most well-known cyber threats, defined as a blanket term for computer programs used to damage a computer or network and gain access to sensitive information. Malware has been around for a long time, but it is still a major problem for businesses – around half of all organisations suffered a malware attack against company-owned devices in the last year. 

And in 2020, the use of malware by cybercriminals is growing. The malware strains have begun to use more sophisticated techniques and in some cases, they can even evade traditional signature-based defences; at present antivirus solutions are only able to block just over 40% of malware attacks.

Additionally, malware is expanding its field of targets and is now being used against mobile phones and smart devices. 

Perhaps even more worrying is the rise of malware-as-a-service, which has seen criminals develop ‘affiliate programmes’ that engage people with little to no cyber hacking skills to extort money from victims. This means that businesses need to start taking malware much more seriously, and put in resources and investment to defend themselves against the latest malware threats across the world. Protecting your company now means going far beyond relying on antivirus and firewall software. 

Attacks are more damaging than ever before
If you are still not convinced by the need to take malware more seriously, the first thing to note is that the severity of malware attacks is increasing. Organisations affected by malware can suffer extensive damage – not only financially but also to their reputation.

One key example is currency exchange bureau Travelex which recently lost control of its IT systems and customer data in a malware attack. The cybercriminals involved then demanded a ransom of $3 million to restore services. 
It is also worth noting that it is not just businesses that are targeted with malware. In 2019, in excess of 70 state and local governments in the US suffered ransomware attacks. 

How malware spreads
Malware is able to spread extremely rapidly – and this is partly due to the fact that it is spread in a variety of different ways. Some of the most common occur as phishing attacks – where unsuspected users are tricked into opening an application or website in an email. It is also common for criminals to use so-called software subversion, where they infect applications and software that is used by web developers, rather than websites or networks directly. 
Malware can also be spread by hackers who gain access to a network and then control it remotely. And there are even examples of employees and other insiders taking a bribe from cybercriminals in order to plant malware in a network. 

Latest malware threats to be aware of
Malware can take many different forms, and some of the most well-known of the latest malware threats include:

  • Ryuk - this is a sophisticated ransomware that infiltrates a system and then encrypts the data stored on it, making it unusable. A message is then displayed informing the user of these facts and demanding payment in the form of Bitcoin in order to get the files decrypted.
  • Trickbot - this is a banking trojan that is used to target small and medium-sized businesses – it is used to steal personal information in order to conduct identity fraud.
  • Emotet - another banking trojan which has evolved into a threat-delivery service. It is distributed through spam emails that are designed to look like legitimate emails.
  • Dridex - this is another form of malware that can evade traditional defences and specialises in the theft of online banking credentials.

How to protect your business against malware
While traditional defences alone are ineffective against these newer malware threats, there are thankfully many things that you can do to protect your business against them. The first thing to note here is that systems should be regularly patched, and vulnerability scans should be carried out in order to identify systems and applications at risk. 

Signature-based and behavioural-based detection technologies also have a role to play. Endpoint detection and response tools monitor user behaviour in the system in order to detect the latest types of malware – this allows them to disrupt and mitigate attacks. These tools are complex and time-consuming to manage however, and many businesses prefer to make use of managed endpoint detection and response services

There are also some best practice steps you should take to keep your business secure, such as keeping data regularly backed up to multiple sources on and off-site, utilising multi-factor authentication when users login to accounts, as well as providing training to employees about the risks of the latest threats. 

Chester Avey is an independent business consultant.     

You Might Also Read: 

Is The Cloud Skills Gap A Problem?

 

 

 

« Cyber Security Market Slowdown Blamed On Coronavirus
CISO's Cant Find The Right People »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

TBG Security

TBG Security

TBG provides a portfolio of services including cyber security, compliance and continuity solutions.

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security is a leading manufacturer of network security appliances for use in industrial environments.

Cybereason

Cybereason

Cybereason provides attack protection with cutting edge EDR and XDR, and industry recognized consulting services to support organizations throughout any stage of the incident lifecycle.

DataVisor

DataVisor

DataVisor is a big data fraud detection and anti-money laundering solution.

JPCERT/CC

JPCERT/CC

JPCERT/CC is the first Computer Security Incident Response Team (CSIRT) established in Japan.

Data Security Council of India (DSCI)

Data Security Council of India (DSCI)

DSCI is a premier industry body on cyber security and data protection in India, committed to making the cyberspace safe, secure and trusted.

Logsign

Logsign

Logsign is a Security Orchestration, Automation and Response (SOAR) platform with next-gen Security Information and Event Management (SIEM) solution.

NeuroChain

NeuroChain

NeuroChain is an intelligent ecosystem that is more secure, more reliable and much faster than blockchain.

Agio

Agio

Agio is a hybrid managed IT and cybersecurity provider servicing the financial services, health care and payments industries.

Quintillion Consulting

Quintillion Consulting

Quintillion Consulting is a strategic risk based consulting firm. We help companies safeguard the core business and IT capabilities that deliver competitive advantage.

Data#3 Limited (DTL)

Data#3 Limited (DTL)

Data#3 Limited (DTL) is a leading Australian IT services and solutions provider.

Acumera

Acumera

Acumera is a leader in managed network security, visibility and automation services.

MedSec

MedSec

MedSec is the only company of its type focused solely on cybersecurity for hospitals and medical device manufacturers, offering both a cybersecurity software solution and consulting services.

SecurEnvoy

SecurEnvoy

SecurEnvoy are a leader in designing zero access trust solutions using the latest cutting-edge technologies, to protect your users, devices and data, whatever the location.

Jersey Cyber Security Centre (JCSC)

Jersey Cyber Security Centre (JCSC)

Jersey Cyber Security Centre is the jurisdiction's Cyber Emergency Response Team (CERT) and national technical authority for cyber security.

SecureFlag

SecureFlag

SecureFlag is dedicated to enhancing secure coding across all technical profiles within the Software Development Lifecycle.