Welcome to the SecAware blog

I spy with my beady eye ...

28 Feb 2016

Malware awareness update 2016

Despite thinking that it would be relatively straightforward to update last year’s NoticeBored malware awareness module for 2016, when we did the research it turned out that the malware situation has taken a turn for the worse since last March, so we ended up writing a slew of brand new content. 

Just to whet your appetite ... last year we raised concerns about bank Trojans. Bank Trojans definitely haven't gone away, unfortunately, but ransomware has (arguably) become an even more significant threat today.  It's not a good sign when the authorities admit defeat, advising "Just pay the ransom".

Other emerging trends in the shady world of malware covered in the new NoticeBored security awareness module include:
  • Multifunctional malware that is remotely controlled, remotely updated, remotely targeted, and (through encryption and obfuscation) more variable than earlier generations. This stuff is hard to identify, block and control, a tough challenge even for the very best antivirus companies with their talented malware analysts and labs stocked with cutting-edge forensic tools.
  • Malware is somehow being deeply embedded in the firmware and (in all probability) the microcode and hardware layers of ICT devices, as demonstrated by the Juniper firewall malware incident. Buried at such depths, conventional operating system and application controls, including antivirus software, can’t touch it.
  • Mobile malware is itself going mobile through the use of Java, allowing botmasters to offer their nefarious services across a broader swathe of platforms than ever before ... so, no, Linux is not immune, nor are iOS and MacOS.
  • The headlong plummet into IoT (Internet of Thingummies) implies an explosion of vulnerable networked devices, lurking in every corner of our lives. 

Read more about the new awareness module here and get in touch if your security awareness and training program could do with being more state-of-the-art than state-of-the-ark.

Gary (Gary@isect.com)
