We live in an online age, one where malware infections have become commonplace. Some might say this is the price of doing business online. News headlines report damaging attacks on well-known brands with depressing regularity. Consumer confidence suffers as customers look to organizations to sort out the issue, secure their transactions and fix the problem.
But will it ever truly get sorted? Fraudsters are now so skilled in their knowledge of human nature – how and why a person will respond to social engineering lures – that malware is growing faster than organizations can respond to the latest attacks, never mind educate consumers about them.
There’s no silver bullet. A malware attack is a complex, multi-layered organized infiltration of malicious software against a company or a consumer. Fraudsters are using ever more sophisticated malware to extract personal details, gain account access, and steal data. The most prevalent types of malware are:
> Spyware – software allowing the fraudsters to quietly watch and steal data from key logging or print captures on your computer system or network without your knowledge.
> Banking Trojans – also called “crimeware,” malicious software designed to steal credentials for the purpose of banking or credit card fraud.
> Ransomware – malicious software that infiltrates your network or system and encrypts the data until a ransom is paid.
> Remote Access Trojans (RATs) – similar to banking Trojans, RATs install backdoors to provide remote login to an infected system or network allowing the fraudster additional access and further options for fraudulent activity.
Within each type, there are individual malware families, or groups of malware software packages that are similar in attack methods and lifecycle.
Of the four common types of malware listed, ransomware has been growing fastest in popularity. In 2015 the FBI reported that a particular ransomware family called “CryptoWall” had generated 992 complaints in the previous 14 months, with victims reporting losses of over $18 million.
CryptoWall, CryptoLocker, and Teslacrypt are all examples of ransomware. Sophisticated lures have expanded the breadth of ransomware attacks across multiple industries, including financial, medical, and manufacturing companies, as well as individual consumers. Often the ransom must be paid in Bitcoin so that it cannot be traced back to the fraudster. While not paying the ransom is preferable, if a consumer or organization has not backed up their files recently, or if daily business functionality is stalled, paying the ransom often ends up being the simplest way to fix the problem.
For corporations, ransomware may be the most threatening form of malware because the fraudster takes control of their network until the ransom is paid. This can escalate to a full data breach resulting in identity theft, invoice fraud, and other malicious activity that uses harvested data. The biggest cost might well be the loss of consumer trust from a full data breach.
How do we prevent our companies or our families from falling prey to a malicious online attack? The key is in educating employees and customers about the types of threats, the social engineering tactics used, and how they typically fool people. Taking all necessary technical precautions is a basic requirement: back up your files regularly, make sure your anti-virus software is active and regularly updated, and make sure you have web (browser) and email filtering turned on.
For further information on malware and how it can impact your business, watch this webinar where I’m joined by Jack Johnson, from our Security Operations Center. We review the various types of malware that are currently impacting and disrupting businesses and discuss mitigation strategies and best practices to protect your business.