Weaponized Software: The Case For Better Cybersecurity
Software as a weapon? It’s not only possible, it’s rapidly becoming commonplace — as evidenced by recent malware attacks that led to the transfer of more than $81 million from the Federal Reserve Bank of New York to private accounts in Asia, while point-of-sale malware continues to frustrate large retail companies. With hackers getting smarter and software more sophisticated, how do companies take cybersecurity to the next level?
Malware isn’t a new concept, but the rapid pace of technology adoption — from cloud computing to wearable devices to always-on smartphones and tablets — offers cybercriminals a massive attack surface, and they’ve developed a host of new ways to infiltrate machines and steal or destroy data. Consider the rise of “ransomware,” weaponized software that encrypts user files and then demands a ransom for release. Exploit kits (EKs), meanwhile, are pieces of software for rent on the “Dark Web” that let attackers infect computers and then download the malware strain of their choice. Hackers are also bringing back older attack vectors, such as “macro malware,” which uses Microsoft Word macros to launch compromised processes.
That’s not all. The volume of these attacks has increased significantly — security firm Symantec discovered more than 430 million new pieces of malware in 2015, up 36 percent from 2014. Unexpected attack vectors are also emerging — for example, the rise of “shadow IT,” users who circumvent information security rules to download third-party apps, many of which don’t meet corporate safety standards. According to a report recently released by Tenable Network Security, 88 percent of IT decision makers believe the existence of shadow IT makes their companies more vulnerable.
Defending the Border
Solving the problem of weaponized software demands a new approach to cybersecurity. Instead of treating corporate networks like static borders that must be defended at any cost, many companies are turning to more flexible alternatives that detect threats in progress, limit the impact of data breaches, and incorporate employee training into a holistic cyber-defense program. There’s also a growing demand for better threat sharing among private and public industries to help get ahead of hackers and improve incident response protocols.
Of course, attackers aren’t resting on their laurels while the good guys regroup; new threats are constantly being developed and refined. Businesses can expect to see a rise in targeted attacks over scattershot-style threats as entry-level defenses evolve — for example, phishing emails that contain malicious attachments or download links have become far more convincing. Mobile attackers, meanwhile, have discovered ways to infect devices simply by sending emails; users don’t even need to open the message. Or consider the discovery of “Fansmitter,” malicious software that can steal data from air-gapped computers by changing the rotation speed of on-board fans.
So how do companies stay safe as the digital environment becomes increasingly hostile? Agile security practices are essential: Think cloud-based solutions, end-user analytics, and investigative software that lets you track down potential points of compromise. There is also a need for increased communication among companies and government agencies — since hackers are more than willing to share successful tips and tricks, staying silent does nothing but increase the chances of network compromise.
Weaponized software is on the rise. Defend what matters by understanding current threats and adopting new countermeasures to meet emerging attacks.