What we’ve learned from malware epidemics

Cybersecurity breaches are the norm rather than the exception today, although they have changed over the years. They’re rarely the worms of early 2000’s fame.

Instead, malware programs lie in wait - sometimes for months at a time - before springing forth to capture personal identity information (PII), syphon money to undisclosed locations and accounts, and wreak havoc around the cyber-sphere.

Over the course of the last decade, as cybersecurity breaches have become more invasive, everyone on the web has been forced to adapt. Indeed, some of the most malicious malware attacks in recent years have incited a major reevaluation of how corporations, security professionals, and individual users approach data management and protection.

Major Malware Hacks in the 21st Century

The Apple ransomware issue that occurred a few weeks back is just the latest in a slew of cybersecurity attacks. Other notable malware attacks include the following:

  1. Apple and the Flashback Trojan: Mac users once believed their devices were impervious to attack until they met the Flashback Trojan in 2012. The most frightening aspect of this attack is that it required no user interaction in order to spawn.
  2. Sony Entertainment Pictures and the Destover Wiper: The Sony hack is considered as one of the worst data violations of all time. Hundreds of employee records were breached, as well as confidential emails and project files.
  3. Target and BlackPOS: Target’s infamous cybersecurity breach, which occurred during the 2013 holiday season and affected millions of customers, happened as a result of an affiliate company being compromised via malware. The breach cost Target an estimated $162 million and ended in resignations of both the CIO and CEO.

These new malware breach tactics are cause for concern. It’s no longer enough to protect the perimeter, putting up what co-founder and CEO of the security company Cybereason Lior Div calls a “moat and castle” defense. Instead, Div says, information security professionals should adopt a “1,000 points of light” model to better safeguard business ecosystems against threats that may be working from the inside out.

Changing Tactics to Defend Against Malware Attacks

Higinio “H.O.” Maycotte, founder and CEO of Umbel, compares fighting attacks like those listed above to chasing bacteria with antibiotics. Security breaches are continuously evolving, requiring programmers to stay vigilant and think of more innovative solutions, particularly as hackers add attacks on smartphones and connected devices to their arsenals.

Fortunately, every malware attack offers opportunities to improve Internet security practices and processes related to mobile devices and identity and access management. Here’s a look at some developing cybersecurity tactics and how they can help make the web more secure for all users.

  1. Shifting to an Already Compromised Mindset. Attacks don’t come exclusively from outsider threats — they come from inside organisations, too. As a result, security professionals have started focusing on what to do when a breach happens, rather than if a breach happens. This means preemptively setting up internal system limits to prevent a breach in one area from allowing access to data elsewhere, effectively limiting the extent of a potential hack.
  2. Conducting Security Risk Analyses. Audits and analyses should take place regularly, much like an annual visit to the doctor. Companies who do a regular audit of security practices and processes will be able to identify and address potential vulnerabilities.
  3. Developing Best Security Practices. Every business, big or small, should start to think about vendors’ security practices, internal rules about data storage and transmission, and basic email and Internet safety. These processes should be kept in a living document so that they can be updated quickly and disseminated easily.
  4. Managing and Monitoring Access. Greater breach risk means that disorganised identity and privilege management is no longer an option. Proper monitoring improves security for a business because it’s clear who has access to what information. If a breach occurs, it’s easy to track down the culpable device, if not the person responsible.
  5. Investing in Security Awareness and Training. Employees who compromise security rarely mean to put their employer at risk — often they’re just trying to get their work done. Corporations can minimise this risk by offering extensive security training and providing the tools and resources needed to protect company assets from a breach.
  6. Automating Security Monitoring Wherever Possible. Given the scope of most companies’ data holdings, exclusively manual monitoring isn’t enough. Without automation, a security team could waste a lot of time chasing false leads. To combat this, companies should start using automated monitoring, which can help document escalations.
  7. Focusing on the Entire Attack. Much like a fever shows that a patient has an infection running rampant somewhere in their body, so do malware symptoms indicate deeper complications. Issues may manifest in one location, but it’s likely there are problems elsewhere as well. A thorough investigation beyond the apparently affected area can prevent further damage down the line.
  8. Learning From Others. Malware attacks often move in trends — similar variations of a single program may be used to attack several different brands or applications. As a result, it’s imperative that information security teams stay abreast of recent hacks and breaches. A company may be able to boost its defenses by avoiding the mistakes a compromised brand made.
  9. Developing a Response Plan. Hearkening back to the first point on this list, it’s unacceptable to be unprepared for a breach. Companies should have a plan in place in case a cybersecurity hack occurs. It’ll mitigate downtime and prevent more data from leaking.

Malware epidemics may be the new norm, but information security professionals aren’t sitting idly by. With a proactive approach and an adaptable mindset, corporations and security teams can buck the trend of cybersecurity breaches and provide better protection for users worldwide.

Image source: Shutterstock/Gunnar Assmy