Malware Manual – Part 1: Recognizing Your Risk


malware-manual-part1Ransomware has been grabbing headlines in recent months, with attacks starting in countries such as the UK or Ukraine and then sweeping across the globe. High-profile industries, such as healthcare, have been targeted as victimized organizations vary from care providers to equipment suppliers. But instead of piquing the interest of leaders of small to mid-size businesses (SMBs), the attention devoted to ransomware could be distorting perceptions of the overall malware threat.

“The proliferation of new malware strains is increasing year after year,” Bitcoin blogger Matthew Tompkins recently posted. “Yet ransomware such as WannaCry and Petya make up only a small percentage of the total types of malware on the loose.”

As evidence of his assertion, Tompkins offers statistics from a study by G DATA Security Labs. Per G DATA’s findings, more than 6.8 million new digital malware strains were detected in 2016, which was an increase of nearly 33 percent over 2015. In the first quarter of this year alone, G DATA researchers detected more than 1.8 million malware strains for a creation rate of one every 4.2 seconds. And as a proportion of this epidemic, instances of ransomware are relatively small. Other forms of malware, such as Trojan viruses and adware, are much more common and also inflict considerable damage to an organization’s operations.

By sharing these findings, are we suggesting our readers ignore ransomware as a cybersecurity issue? No. Instead, we’re encouraging SMB leaders to see beyond one type of malware and consider their exposure to the whole category. For example, can you answer these questions?

  • How many assaults from Trojans and/or adware has our firm weathered this year?
  • How vulnerable is your IT infrastructure to a distributed denial of service (DDoS) attack?
  • How much does your staff know about recognizing phishing techniques – and the consequences of being hooked by one?

For a thorough, structured approach to recognizing cybersecurity risks, we advocate applying the Cybersecurity Framework developed by the National Institute of Standards and Technology (NIST). The NIST framework promotes five tenets for holistically managing cybersecurity:

  • Identify
  • Protect
  • Detect
  • Respond
  • Recover

The first, “Identify,” concentrates on assessing your situation to determine your level of jeopardy and ability to improve your posture:

  • Asset management – What cybersecurity resources – hardware, software, people – do we have in place? Which do we need to acquire? How many should be upgraded or trained?
  • Business environment – How are cyber crooks attacking our industry? Our type of organization?
  • Governance – Are we compliant with regulations such as data breach notification (DBN) protocols?
  • Risk assessment – Do you practice “risky IT management methods” that cyber criminals target?
  • Risk management strategy – Have you developed a cybersecurity policy? If your answer here is “no,” then be sure to read the next installment in our Malware Manual series “Building Your Cybersecurity Policy.”

Keep in mind as our “Malware Manual” series continues that aligning the NIST framework alone does not guarantee a cybersecure organization. Implementing specific services, user education and best practices around cybersecurity make the difference.