The tools for creating malware are getting easier to use as are the ways of buying and selling it. Terbium Labs' Emily Wilson discusses the evolving malware threat with TechRepublic.
Malware is no longer the exclusive tool of technically-gifted programmers, criminal organizations, and nation-states. Like traditional software, the tools for creating malicious software have gotten easier to use and the channels for selling it more varied.
TechRepublic's Dan Patterson, spoke to Emily Wilson the Director of Analysis at Terbium Labs, an information security company, about these trends and specifically about the Diamond Fox malware suite.
SEE: 4 questions businesses should be asking about cybersecurity attacks (Tech Pro Research)
Diamond Fox is an example of how malware is becoming more user friendly, more modular, and easier to use, Wilson said. Check Point refers to it as a 'malware ecosystem,' as it offers a variety of threats, from DDOS attacks to other "nastier bits of malware."
Wilson explained that as the barrier to entry for using malware is lowered, those with less technical skill will begin to test the malware water. We're going to see more noise, more vandalism, and on a nation-state level, a wider spectrum of tools being used, she said.
New malware markets, same motivations
Instead of shadowy figures using chat rooms and encrypted channels to cut secretive deals, these days malware creators often post a message like, "Hey, I built this thing. I'm pretty happy this. Anybody want to buy it?" Wilson said. And anyone with access to sites on the dark web, from nation-state actors to bored teenagers, can get their hands on fairly sophisticated malware.
Despite the dramatic changes in the way malware is bought and sold, the motivations for its creation and use are the same...politics, curiosity, bragging rights, and of course money. Stolen data can be valuable because of the company or agency that held it, such as the 2015 Ashley Madison hack, or valuable because of what the data contain, such as social security numbers and financial account information.
Malware protection begins with understanding the risk
Before developing extensive cybersecurity policies or deploying sophisticated security software, Wilson recommends companies start with the most-obvious, but often the least-implemented defense strategy: realism. Leaders must know what kind of organization they are, what kind of data they have, and have a good sense of where they fit on the spectrum of being a target, she said.
- Network Security Policy (Tech Pro Research)
- Video: Fileless Malware Explained (TechRepublic)
- Top 5 things to know about ransomware (TechRepublic)
- How to make your employees care about cybersecurity: 10 tips (TechRepublic)