In the last few years, organizations have been subject to extortion through ransomware. Now, attackers are skipping the nasty business of persuading victims to hand over cryptocurrency and instead hijacking your processors to mine it directly. As a result, the methods employed are growing in sophistication and creativity, including using internet memes to compromise systems.
The malware threat is compounded by the increasing attack surface. For example, as organizations move to the cloud, so too do cybercriminals. Cloud assets are as vulnerable to malware attacks as your on-premises systems, not to mention the increasing use of internet-connected IoT devices both in the office and the home.
And while organizations focus on malware prevention and detection (and rightly so), malware forensics is an important remediation capability that is often forgotten. When malware is discovered, you can’t remediate unless you know exactly what the malware did and what it changed.
Three Basic Steps to Mitigate the Risk of an Attack
Given the increase in the number of malware samples and their sophistication, what's the best way to mitigate the risk of an attack? There are three basic steps you can take:
- Ensure that your entire environment is configured securely.
- Monitor those systems for evidence of tactics, techniques and procedures (TTPs) employed by malware authors.
- Analyze unexpected changes that involve new or updated files for malicious behavior.
Maintaining secure configurations of your assets is a great way to mitigate a significant amount of risk from malware. This not only includes securing server, network device and application (like database and web server) configurations but also things like cloud management accounts and containers. Organizations such as CIS and NIST produce specific, measurable and actionable policies on how to secure a wide array of assets.
Since the specific files associated with malware change rapidly, (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Rod Musser. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/cyber-security/malware-three-industry-problems-and-how-to-solve-them/