Protection Schemes Against Malware
By Samuel Greengard
It's safe to say that malware is evolving faster than a monster in a bad sci-fi flick. Hardly a day goes by without word of a new and far more sophisticated risk. What used to be the work of hackers and pranksters now falls squarely in the domain of organized crime syndicates and hostile governments. Flashy takedowns and high-profile antics have been eclipsed by stealthy and increasingly dangerous takeovers, notes Jonathan Gossels, president of security consultancy SystemExperts.
Malwarebytes intelligence analyst Adam Kujawa expects to see state-sponsored malware in the wild; an increase in "Assumed Guilt" ransomware that prompts users to think they have done something wrong and pay up; a proliferation of "Banker Trojans" that attempt to steal form data; a comeback in Remote Access Trojans that are now more sophisticated and stealthy; malvertisements that use legitimate advertising banner ads to spread malware; and Linux Web Server Kernel Malware, a rootkit specifically developed to attack web servers.
Meanwhile, banks and government agencies are under near-constant assault from DDoS attacks. Power grids, flight control systems, traffic control systems, water treatment facilities, hospitals, communications systems and other key technology systems are also at risk.
This emerging environment, especially when combined with other security threats, requires a new outlook and mindset. For one thing, a multipronged approach is critical. For another, businesses must rely on more abstract yet contextual methods. Gidi Cohen, cofounder and CEO of Skybox Security, predicts that organizations will turn to big data for security, more advanced vulnerability management systems that can identify and prioritize risks, next-generation firewalls that are more tightly tuned to a network and intrusion risks, and continuous security monitoring.
In an article in the U.K.-based Guardian, Cohen noted that "highly publicized breaches coupled with increasingly sophisticated attack vectors have raised awareness and brought IT security all the way to the board level." This, Cohen says, may necessitate the creation of a chief information risk officer (CIRO) role that supersedes today's chief information security officer (CISO).
In addition, Gossels says CIOs and other IT leaders must focus on more systematic assessments and more widespread application of ISO 27702, which outlines best practices in 135 areas such as access control, physical security, human resources controls and classifying the value of data.