Is There a Way To Outsmart Malware?
The growth of data breaches and identity theft has been steadily on the rise during this year. Taking targeted hackers attacks aside, the main reason behind this is the new generation of smarter malware and viruses. In the past, you could sleep safe knowing that your data was protected if you had an up-to-date antivirus installed and don't download any shady software, today it's no longer the case.
While security technology certainly advances, so do online threats. Cybercriminals are getting better at discovering and using so-called "zero-day" vulnerabilities – more commonly known as flaws in browsers and website plugins, which leave your computer open to a brute attack without your security systems even suspecting the hazard. According a recent Symantec report the number of zero-day vulnerabilities discovered last year have doubled to 125% when compared to last year. The biggest problem with such malware is that it's hard to detect and it may siphon your valuable data for months before you manage to track and exterminate it.
How Does Security Solutions Tackle The Growing Trend of Smart Malware?
While your standard anti-virus software can possibly no longer protect you from smart malware, more advanced, enterprise level tools with more sophisticated security layers are likely to keep your systems intact.
Currently the best tools to fight against the new generation of malware are those equipped with the machine learning functionality, as the only way to spot the new kind of malware is to take the previously known data into account. For security testing of web applications, often used to deliver and spread malware, hybrid web security solutions are also on the rise. ImmuniWeb is one of them, offering a comprehensive, multi-layer assessment and continuous monitoring based on a combination of manual penetration testing and machine learning technology
Cybersecurity companies now face a new challenge of creating a smarter solution, capable of detecting and blocking unknown hazards, while being lightweight and deployable in varying environments.
Common New Online Hazards
The previous generation of behavior-based systems is now facing major roadblocks as cybercriminals have developed a new kind of malware that can "sleep through the sandbox" – it remains inactive and hidden during security tools scanning and will only unpack the payload after it's through the hostile environment.
Minerva Labs recently presented a cure for this issue. Their tools dupe malware into thinking that it's constantly being in a hostile environment, hence it avoids unpacking and executing its malicious payload.
Another common trick is using macro scripts embedded in MS Office documents, so stay cautious with suspicious downloads from unverified senders. If you ever receive a document strongly asking you to enable macros (e.g. to see a blurred image more clearly), get immediately out of it. Most likely, once you enable macros, the hidden virus will unpack. In fact, this trick was behind the most successful ransomware campaigns staged up to date.
What's The Future Has Stored For Us?
The traditional pipeline for dealing with malware looks like this – discover the threat, register the signature and afterwards deliver a definition update to the protection tools. Obviously, for savvy hackers breaking through this loop is rather easy as it takes just a few quick code updates added to the virus to build a brand new threat.
As David Cowan noticed: "Like antibiotic-resistant bacteria, attackers adapt to our defenses and render them obsolete".
Registered malware growth is huge with over 430 million new and unique items being created in 2015, a 36% growth compared to last year. Over one million pieces of malware are produced daily. Yet, 90% of all the new malware are upgraded versions of the old specimens, even the new zero-day malware consists of old components pulled out off earlier versions.
This data proves a simple, yet important fact – recycling malware is easy, yet developing a completely new one is extremely difficult.
An innovative security startup CyActive decided to take advantage of that fact and are now developing a solution that prevents cybercriminals from re-using old code. This security tool uses bio-inspired algorithms and predictive behavior algorithms to automatically forecast how current malware will be modified in the future. This way, most companies will be equipped with a cure prior that the attack is even committed, leaving hackers with the only complicated and painful option to build absolutely new malware from scratch.
