Understanding malware

Editorial Type: Opinion
Date: 09-2015
Views: 2776
Key Topics: Networking Security Malware Hacking Anti-virus Phishing
Key Companies: Tenable Network Security
We have lived with the malware threat for so long that we may be guilty of contempt through familiarity. Cris Thomas, Strategist at Tenable Network Security, reminds us of the risk and its nature.

In its 2015 Data Breach Investigations report, Verizon claims that hackers are hitting organisations with malware-based cyber-attacks five times a second. That's a staggering frequency of attack, and it seems that more criminals are evading detection. Verizon also confirmed that 70 to 90 per cent of malware samples had a unique signature. It's not surprising, then, that these seemingly nefarious pieces of software code (viruses, worms and Trojans) are a major challenge for us all.

By sneaking onto corporate networks, malware can siphon off company secrets, steal personal identity information and provide attackers with network access. Regardless of purpose, it's important to understand how unwanted malware infects systems and what can be done to efficiently identify and eradicate the threat.
HOW IT GETS IN

Sometimes attackers engage in phishing schemes and use spam emails to trick users into clicking links that connect them to special websites, using convincing emails that appear to have been sent by a bank or other trusted source. Additionally, malware can be attached to documents including MS Word, Excel, PDFs and even pictures shared between users and transferred from system to system.
DESIGNED TO EVADE DETECTION

The problem is that hackers creating malware know how anti-virus works and intentionally test their code against that same anti-virus software in order to deceive it. This creates a constantly evolving stream of new malware that is undetectable by anti-virus software until a sample is caught and a new signature created. In some cases, if the malware is used sparingly by the developer, it may never be detected, leaving systems infected and exposed.

Getting malware into a corporate network is the initial move in any cyber-attack. Sony, Target, Home Depot, and Anthem are all examples of attacks that began in this way. While malware is often designed for specific purposes such as stealing credit card information or intellectual property, in the case of Sony, some attackers simply wanted to wreak havoc.
WHAT CAN BE DONE?

However, because of the low detection rates, anti-virus shouldn't be the only tool in your armoury. Organisations must also keep software patch levels up to date and analyse network traffic logs, to ensure that the patches are correctly applied and anomalies identified before malware fully establishes itself inside the system.

While these methods are all layers in a security posture, one of the best lines of defence is to invest in a continuous network monitoring system that can analyse network traffic and identify suspicious activity. Using normal website traffic patterns as a baseline, it is easier to spot abnormal malware activity, allowing immediate action which can dramatically increase security levels and reduce the time that malware infestations reside undiscovered.