Welcome to NBlog, the NoticeBored blog

I may meander but I'm 'exploring', not lost

Feb 25, 2018

NBlog February 25 - malware update 2019?

The 2018 malware update awareness module is a Work In Progress. We've all but completed the awareness materials for the general staff audience, and today we'll crack on through the management and professional streams.

Every year I wonder what we are going to say in the malware module, given that we've covered this topic so many times before. I worry that we might not find anything new to add, forcing us to re-hash the same old stuff in the hope of making it interesting enough to resonate with the audiences. 

Yet again I needn't have worried. The malware threat is constantly mutating, much like a biological virus in fact. As fast as we discover and get to grips with each form, novel attacks and new challenges arise. There's no shortage of new things to say.

Cryptomining malware emerged from its lair in the middle of last year. As it happens, it's one of the more benign forms that merely consumes resources, reduces performance and increases costs, as opposed to devastating and in some circumstances life-threatening forms ... and yet it is virulent (it spreads widely and rapidly) and weakens the host (aside from running the cryptomining software, what else might be going on in the background?).

Perhaps next March when we refresh the malware module yet again, we'll pick up on the biological similarities by bringing up MRSA "superbugs" that have the healthcare and pharmaceutical industries and authorities worried. What will we do if/when our antivirus controls fail us? What is the cybersecurity equivalent of 'deep cleaning the ward' using bleach, with palliative care for patients whose infections we simply cannot treat? If it came down to it, how would we fully isolate and treat an organization whose malware infection seriously threatens the rest of us? Who has the ability, and the authority, to turn off life-support or flip the kill-switch?

It would be good to have kick-started the thinking and planning early, before we find ourselves wallowing around in brown stuff. Security awareness isn't purely about learning from the past, or even the present.

Either way, I'm confident that in a year's time there will be something new and pressing to raise!