The threat landscape for digital security is ever-changing, but one thing remains the same: information security continues to grow in importance. Attackers target groups and individuals regardless of industry, attempting to breach systems and either gain access to restricted content or, in the worst-case scenarios, seize control of those systems.
Is Anyone Safe?
At the dawn of the information age, computers and computer networks were used primarily by three groups: government, military, and universities. Today, of course, technology is used in almost every sector imaginable, meaning all companies are equally vulnerable to digital intrusion. It's not only the government, the army, or a few advanced universities that have valuable data.
Today, any company, educational institution, healthcare organization, or financial group that deals in transactions can be a viable target. Whether it is to harvest social security and credit card numbers for identity theft, or simply "imprison" data and deny access to its owners until a ransom is paid, organizations now have to concern themselves with their data. Malware is one of the most serious—and varied—ways that this system intrusion can occur.
Malware Over the Years
Different trends and fashions occur in the style and purpose of malware. From "spyware", a popular form of attack that records users' keystrokes to capture passwords and filenames, to ransomware, which contributed to the loss of billions of healthcare records, the ways in which malware can infiltrate a business are ever-changing.
For 2018, ransomware appears to be on the decline, at least in terms of reported incidents and successful ransomware scams. However, technology continues to change, and 2018 is bearing witness to new—and disturbing—trends in how malware is used.
Cryptocurrency and Malware
Cryptocurrency is a new form of digital currency that relies on computers doing complex mathematical work as part of recording financial transactions and creating more cryptocurrency, which can eventually be converted to real-world cash. Cryptomining malware is one of the latest developments in malware evolution.
Because these calculations require extensive computing resources, cryptomining malware is now being used to compromise systems. The malware "slaves" the processing power of company systems in order to further "cryptocurrency mining."
More Sophisticated Techniques
It's not just the purpose of malware that is changing. There are new advancements in the way malware operates and in its delivery systems, and organizations need to monitor for them and be prepared to defend against them.
For example, one disturbing new trend in malware is known as “fileless” attacks. In this case, the malware isn't even embedded in software that anti-virus protection might spot, but it instead hides in scripts.
Another type of malware attack, known as "clickless", doesn't even require a user to open an email or click a link. Merely being "in proximity" to a system can allow the malware to remotely access that system, despite the user not clicking on any links.
Staying Safe from Malware
North America continues to be a prime target for malware trends, and that means that security teams are always working hard to formulate a new security strategy and keep organizations safe. There are steps that can be taken to give yourself and your organization the best possible defense, and those include:
- Evaluate network defenses. Make sure any firewalls, anti-virus systems, or file integrity management programs you have are always current on maintenance, patched, updated and ready to deal with modern threats. Don't let a new virus or malware variant catch your systems off guard.
- Remain compliant and secure. Those in finance must maintain GLBA compliance. Those in healthcare must focus on HIPAA compliance. Those needing to meet Critical Infrastructure Protection (CIP) requirements must have NERC CIP compliance. For those processing credit card transactions, PCI DSS compliance is a must. SOX compliance, GDPR compliance and FISMA compliance are a focus for others. Regulatory compliance and security acts often require or suggest procedures that can help with enterprise security by focusing on system hardening. The right tools can help achieve that compliance and security.
- Use a FIM (File Integrity Monitoring) tool. File Integrity Monitoring software can detect change across your enterprise. Total system device and integrity monitoring can protect against unauthorized changes to OS settings, system files, configurations, and other critical applications.
- Finally, practice good cybersecurity habits. Review and remove weak passwords, follow cybersecurity policies, train staff regularly, and block unauthorized downloads.
Change is inevitable in the IT environment. Protecting critical files from malicious changes and responding quickly to remediate changes can help organizations stay compliant and secure. Learn more about File Integrity Monitoring today.
September 28, 2018