Malware has consistently been an issue for companies over the past few years, particularly as samples become more complex. Today’s infections are increasingly adapting to utilize the most advanced techniques to date, requiring businesses to continually re-evaluate their data protection measures to ensure the least risk.
However, the fight is ongoing, especially as with each change the enterprise sector makes to its security best practices, hackers find a way to exploit new vulnerabilities. Toward the end of 2014, experts heralded it as “the year of the breach,” and for good reason. In the current environment, it’s not a matter of if an organization will be infiltrated, but when.
Despite these risky conditions, there are ways for today’s businesses to keep up with even the most advanced hackers. By taking a look at current trends and examining cybercriminal strategies to establish a blueprint for better protection measures, corporations can lower their risk of being the victim of a breach.
This year, companies have their work cut out for them, especially as more advanced malware samples are now easier to deploy. Instead of needing a high-level set of skills to hack into a large organization, today’s malware makes it easier than ever. By educating themselves about these samples – including how they work and what vulnerabilities they exploit – enterprises can work to craft improved protections and better safeguard their sensitive information.
This year’s malware: Advanced and targeted
According to Federal Times, last year’s breaches tell an interesting story, one that points to cybercriminals increasingly targeting government agencies with sophisticated malware. What’s more is experts believe there is no end in sight for these types of attacks.
Researchers found that there were a total of 10 breaches reported in the government sector last year. Of these instances, eight came due to cybercriminals installing malware on the technological systems of federal agencies. One such breach attacked the U.S. Postal Service network, and resulted in the exposure and compromise of the birthdates, addresses and Social Security numbers of over 800,000 staff members.
Experts including Paul Christman, Dell public sector software division vice president, believe that because malware samples are now easier to create than ever, organizations will see more of these types of attacks in 2015.
“It’s going to become easier to construct malware out of recyclable parts that are generally available via the Internet,” Christman pointed out. “From that perspective, the barrier to entry for malware is going to be lower.”
Because of the availability of malware components, hackers now have a number of opportunities and possibilities to build a sample that can evade detection and do significant damage to a business. Experts have also found that today’s hackers are using different approaches than they did in the past. For instance, some malicious groups are using large, obvious attacks to distract attention from the more stealthy infections camouflaged in the background.
“What we’re seeing is more sophisticated ways to deliver malware and hide in traffic,” noted Rob Roy, HP Enterprise Security Products federal chief technology officer. “The quiet actors hide in the noise.”
In addition to using bits and pieces from other samples, some cybercriminals are creating malware that is completely new in the underground environment. These include the use of end-memory and disc-less attack code that Joe Stewart, SecureWorks director of malware research, noted “is almost not malware.” Adding to these difficulties is the fact that attacks using these types of complex samples are so rare, there have been little instance to study them for data security insights.
Malware trends emerge
Despite this small set of incredibly advanced malware, most samples that will be seen this year utilize several trends that have already emerged. LavaSoft noted that many of the infections businesses will see in 2015 will leverage vulnerabilities such as those seen last year. For instance, 2014 brought the discovery of the Shellshock, POODLE and Heartbleed vulnerabilities which impacted a considerable number of major sites. This year, malware authors will continue to seek out vulnerabilities like these that can be exploited for infection purposes.
LavaSoft noted that many attackers will also target the biggest pool of victims possible. For example, many hackers will likely seek to infect Windows XP users, as support for the platform officially ended in April, 2014. Despite this, XP is still utilized by a large number of individuals and businesses, making it a rife attack vector for hackers.
The bottom line here is that data breaches will continue to rise in 2015. The Identity Theft Resource Center discovered a total of 761 breaches in a range of different industries, including the enterprise, financial, government and medical sectors. While some breaches were more high-profile than others, the fact remains that businesses need to do more to protect themselves.
By taking into account the strategies and approaches hackers will leverage in their infections this year, companies can be proactive in their protections and prevent these attacks before they happen.