Data Stealing Malware and how Business can Protect Against it

smiling malicious covid19 malware @ruralict.com
Get rid of evil smiling malware ready to steal your data
  • Cyber attacks against businesses are increasing
  • 60% of small businesses close shop after experiencing an attack
  • Cyber attackers tweaking ways to deliver malicious software to steal confidential data
  • Implement a layered defense approach that includes encrypting confidential data, using 2-factor authentication and continuous user-awareness training.

Cyber criminals use multiple techniques to break into a network, system and to breach data. New methods emerge as the attackers leverage more modern technologies to develop complex malware programs and sophisticated breaching tactics to evade detection. 

The recent Covid-19 pandemic has placed many businesses in harm's way since they require to adopt strategies like remote working to contain the disease. Attackers have exploited the opportunity to upscale their campaigns, as the following statistics indicate.

Recent hacking statistics 

1. According to an Interpol report released in August 2020, small businesses are currently not a top target of cyber adversaries. Instead, cyber-criminals have shifted to critical infrastructures, governments, and major corporations that play a significant role in responding to the pandemic. 

The report also states that hackers are exploiting the increasing security vulnerabilities as businesses rapidly deploy remote applications, networks, and systems. 

2. Insider threats are a top concern for small- and medium-sized businesses. An IBM research and Ponemon Institute show that the average cost resulting from insider-instigated cybercrimes is $7.68 million for each incident. The costs, however, vary depending on the scope of the attack and the business size.  

3. A large percentage of Small medium businesses (SMBs) are to blame for hacking incidents since a recent research study revealed that at least 43% lack a proper cybersecurity defense plan. Also, a survey drawing participants from the U.S. and the U.K. revealed that 23% don't use endpoint security protection, while 32% of those who do use consumer-grade, free endpoint security solutions. 

4. The Verizon Data Breach Investigations Report released in 2020 showed that 28% of the breaches recorded in 2019 involved small businesses. 

How hackers can compromise your business

1. implanting fileless malware 

Unlike yesteryears, cybersecurity solutions like antivirus software are now susceptible to new attack methods like fileless malware. A fileless malware is a malicious code that lives in a computer RAM and does not write files or install other programs in the disk. As such, they cannot be detected using antivirus programs and can bypass strong firewalls. 

A fileless malware also inserts itself in a legitimate program already installed in a computer, thus hiding in the computer memory. A 2020 cyber-threat report revealed a spike of fileless malware in the third quarter, as hackers ramp up their campaigns. 

fileless malware infecting system @ruralict.com

2. Watering hole attack

Hackers often use the watering holes attack technique to compromise company security and exfiltrate data. Attackers observe or guess the trusted or well-known websites a business frequents and breaches them using a third-party service or directly. 

The hackers can then infect anyone who visits the compromised websites to gain access to confidential data and system access. In most cases, company employees are unable to detect the attacks since the firewall, antivirus, and web browser are unlikely to detect any anomalies. 

3. Supply chain attacks 

Supply chain attacks can result in adverse impacts on a business. Firstly, they can cause loss of data. Adversaries can use backdoors installed when the systems were being developed in the supply chain to steal and delete critical business data. Also, the attacks can adversely impact the business's finances. By targeting billing systems, hackers can gain access to a company's financial systems and transfer funds or steal sensitive financial data. Besides, hackers can use timed supply chain attacks to gain access to company networks, causing further damage.  

4. Phishing attacks 

Phishing attacks are a top security concern for businesses as they account for 90% of successful data breaches and attacks. Phishing attacks are also easy to execute since hackers require little resources and minimal knowledge. 

Hackers target specific employees through phishing emails to trick them into revealing sensitive data, such as usernames, passwords, business competition strategies, financial information, among others. Attackers also research businesses and employees to include personal information, references, and specific details, thus increasing the success rate. 

Your business can defend itself 

1. Combat fileless malware attacks 

Several strategies have proved effective in combating fileless malware threats. Firstly, ensure all company employees observe proper security hygiene through patching and updating outdated programs, implementing a robust security and awareness training program, and understanding the built-in OS codes to facilitate accurate spotting of anomalies. 

Also, network segmentation allows a company to define access privileges and rights, thus restring the spread of a fileless malware across a network and from one computer to another. 

2. Prevent watering holes attacks 

Businesses can use several best practices to prevent and protect themselves from malicious watering holes attacks. They include:

  • Frequent inspection of websites a business regularly visits to detect the presence of malware
  • Block employees from visiting sites marked as compromised when they are connected to the company's network 
  • Set up robust configurations in browsers and security tools to alert users when they visit a compromised website
  • Inspect and scan web traffic from external and third-party sites before permitting access 
  • Implement a multi-faceted security approach consisting of threat detection, threat sharing, and threat intelligence to ensure real-time identification of compromised websites 

3. Measures for protecting against supply chain attacks 

It is essential to establish transparency and trust when third-party service providers have full system access. Evaluate and understand the supplier network to ascertain all supply partners observe the same security practices as your business or higher. 

Collaborating with the supply chain partners can provide more in-depth insight into the various risk factors, such as manufacturing locations, the available attack surfaces, and ownership. These are critical to implementing adequate controls to protect a business against supply chain-based attacks.

4. Security training and awareness 

Companies can combat phishing and related social engineering attacks through comprehensive security training and awareness programs. Such programs educate employees on how to identify phishing emails, reporting malicious attachments and links, and best security practices. 

The high success rate of phishing attacks is due to untrained employees who easily fall prey to social engineering traps.

5. Implement Defense-in-depth

The defense-in-depth approach is highly successful as it uses multiple barriers to prevent hackers from breaching a system and accessing classified data. Some of the defense-in-depth controls to consider include:

  • Installing and properly configuring network, web, and computer firewalls
  • Installing security software tools capable of addressing evolving cyber-security threats. Such tools include AI-based anti-malware and antivirus solutions with intelligent threat-hunting capabilities
  • Encryption technologies for data-at-rest, in-transit, and in-use
  • Use complex passwords coupled with multi-factor authentication to prevent unauthorized and unauthenticated access to business data and systems. 

Leave us a comment about the story.

Read More:


Comments

  1. You have covered very well the measures a company should take to protect its data. In this time of crisis, companies tend to reduce their IT budget but this is one thing on which there should be no compromise

    ReplyDelete
    Replies
    1. thank you. And i agree that now is not the time to cut the it-budget considering that attacks against businesses are increasing due to covid19 forcing employees to work from home.
      On the other hand, considering the financial downturn businesses are currently experiencing, its understandable when it-budget cuts happen. Its upon us in IT to now prioritize initiatives that pose greatest risk to business but the greatest value to business when mitigated.

      Delete
  2. Anonymous1:44 PM

    Dear John Kibuuka, thank you so much for this submission. Have you considered the operation of a numerical model that represents the structure of a
    dynamic process by any chance?
    Kindly advise.

    ReplyDelete

Post a Comment