Beware The Latest Malware

Malware is one of the most well-known cyber threats, defined as a blanket term for computer programs used to damage a computer or network and gain access to sensitive information. Malware has been around for a long time, but it is still a major problem for businesses – around half of all organisations suffered a malware attack against company-owned devices in the last year. 

And in 2020, the use of malware by cybercriminals is growing. The malware strains have begun to use more sophisticated techniques and in some cases, they can even evade traditional signature-based defences; at present antivirus solutions are only able to block just over 40% of malware attacks.

Additionally, malware is expanding its field of targets and is now being used against mobile phones and smart devices. 

Perhaps even more worrying is the rise of malware-as-a-service, which has seen criminals develop ‘affiliate programmes’ that engage people with little to no cyber hacking skills to extort money from victims. This means that businesses need to start taking malware much more seriously, and put in resources and investment to defend themselves against the latest malware threats across the world. Protecting your company now means going far beyond relying on antivirus and firewall software. 

Attacks are more damaging than ever before
If you are still not convinced by the need to take malware more seriously, the first thing to note is that the severity of malware attacks is increasing. Organisations affected by malware can suffer extensive damage – not only financially but also to their reputation.

One key example is currency exchange bureau Travelex which recently lost control of its IT systems and customer data in a malware attack. The cybercriminals involved then demanded a ransom of $3 million to restore services. 
It is also worth noting that it is not just businesses that are targeted with malware. In 2019, in excess of 70 state and local governments in the US suffered ransomware attacks. 

How malware spreads
Malware is able to spread extremely rapidly – and this is partly due to the fact that it is spread in a variety of different ways. Some of the most common occur as phishing attacks – where unsuspected users are tricked into opening an application or website in an email. It is also common for criminals to use so-called software subversion, where they infect applications and software that is used by web developers, rather than websites or networks directly. 
Malware can also be spread by hackers who gain access to a network and then control it remotely. And there are even examples of employees and other insiders taking a bribe from cybercriminals in order to plant malware in a network. 

Latest malware threats to be aware of
Malware can take many different forms, and some of the most well-known of the latest malware threats include:

  • Ryuk - this is a sophisticated ransomware that infiltrates a system and then encrypts the data stored on it, making it unusable. A message is then displayed informing the user of these facts and demanding payment in the form of Bitcoin in order to get the files decrypted.
  • Trickbot - this is a banking trojan that is used to target small and medium-sized businesses – it is used to steal personal information in order to conduct identity fraud.
  • Emotet - another banking trojan which has evolved into a threat-delivery service. It is distributed through spam emails that are designed to look like legitimate emails.
  • Dridex - this is another form of malware that can evade traditional defences and specialises in the theft of online banking credentials.

How to protect your business against malware
While traditional defences alone are ineffective against these newer malware threats, there are thankfully many things that you can do to protect your business against them. The first thing to note here is that systems should be regularly patched, and vulnerability scans should be carried out in order to identify systems and applications at risk. 

Signature-based and behavioural-based detection technologies also have a role to play. Endpoint detection and response tools monitor user behaviour in the system in order to detect the latest types of malware – this allows them to disrupt and mitigate attacks. These tools are complex and time-consuming to manage however, and many businesses prefer to make use of managed endpoint detection and response services

There are also some best practice steps you should take to keep your business secure, such as keeping data regularly backed up to multiple sources on and off-site, utilising multi-factor authentication when users login to accounts, as well as providing training to employees about the risks of the latest threats. 

Chester Avey is an independent business consultant.     

You Might Also Read: 

Is The Cloud Skills Gap A Problem?

 

 

 

« Cyber Security Market Slowdown Blamed On Coronavirus
CISO's Cant Find The Right People »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ReadWrite

ReadWrite

ReadWrite is a leading media platform dedicated to IoT and the Connected World.

CORDIS

CORDIS

CORDIS is the European Commission's primary public repository and portal to disseminate information on all EU-funded research projects and their results.

National Agency for Information & Communication Technologies (ANTIC) - Cameroon

National Agency for Information & Communication Technologies (ANTIC) - Cameroon

ANTIC is responsible for regulating the activities of electronic security and regulation of the Internet in Cameroon.

Communications Security Establishment (CSE)

Communications Security Establishment (CSE)

CSE is Canada's national cryptologic agency, providing the Government of Canada with IT Security and foreign signals intelligence (SIGINT) services.

AllegisCyber Capital

AllegisCyber Capital

AllegisCyber is an investment company with a focus on seed and early stage investing in cybersecurity and its applications in emerging technology markets.

Cyber Security Audit Corp (C3SA)

Cyber Security Audit Corp (C3SA)

C3SA specializes in architecting, operating, managing and improving defensible and resilient IT infrastructures for Canada's public and private sectors.

White & Black

White & Black

White & Black are specialist corporate & technology lawyers based in London & Oxford.

Adzuna

Adzuna

Adzuna is a search engine for job ads used by over 10 million visitors per month that aims to list every job everywhere, including thousands of vacancies in Cybersecurity.

Newberry Group

Newberry Group

The Newberry Group provides comprehensive IT services and solutions that optimize operations, minimize risk and deliver measurable business value.

Revere Technologies

Revere Technologies

Revere Technologies is a pure-play cyber security solutions and services provider in Sub-Saharan Africa.

Vantea SMART

Vantea SMART

Vantea SMART have decades of experience in cybersecurity resulting in an approach of proactive prevention - Security by Design and by Default.

RedLegg

RedLegg

RedLegg is a master provider of information security services, a boutique, nimble, old-fashioned customer service company that enjoys the technology battlefield.

NVISIONx

NVISIONx

NVISIONx data risk governance platform enables companies to gain control of their enterprise data to reduce data risks, compliance scopes and storage costs.

Maxxsure

Maxxsure

Maxxsure provides a platform for executive management, leveraging proprietary technology that identifies, measures, and scores a company’s cyber risks.

Prikus Tech

Prikus Tech

Prikus is a full-fledged Cyber Security Company helping organizations worldwide to manage cyber risks. We offer Risk & Compliance Services, Security Testing & Managed Security Services.

Cloudsmith

Cloudsmith

Cloudsmith is the only cloud-native, global, universal artifact management platform for securely developing and distributing software.