Malware Manual – Part 1: Recognizing Your Risk

1/2/2019

Ransomware has been grabbing headlines almost daily for the last year. High-profile businesses in sectors such as hospitality, social media, and healthcare have been among the victims. Over that same period, the landscape of cybertheft has changed. Instead of seeking you out via email, cybercrooks are more likely to wait on the web until you find them.

“More often than not, today’s malware is distributed via the web. Executables are becoming less of a problem,” author Hauke Gierow recently reported. “While there are more malware types, conversely the overall numbers of cyberattacks are decreasing as the attacked are more targeted.”

As evidence of his assertion, Gierow offers statistics from a study by G DATA Security Labs. Per G DATA’s findings, more than 8.4 million new digital malware strains were detected in 2017, which was an increase of nearly 19 percent over 2016. In the first part of 2018 alone, G DATA researchers detected more than 2.3 million malware strains and forecast 5.4 million for 2018. Other forms of malware, such as Trojan viruses and adware, are much more common than ransomware and also inflict considerable damage on an organization’s operations.

By sharing these findings, are we suggesting our readers ignore ransomware as a cybersecurity issue? No. Instead, we’re encouraging business leaders to see beyond one type of malware and consider their exposure to the whole category. For example, can you answer these questions?

  • How many assaults from Trojans and/or adware did your firm weather in recent months?
  • How vulnerable is your IT infrastructure to a distributed denial of service (DDoS) attack?
  • How much does your staff know about recognizing phishing techniques – and the consequences of being hooked by one?

For a thorough, structured approach to recognizing cybersecurity risks, we advocate applying the Cybersecurity Framework developed by the National Institute of Standards and Technology (NIST). The NIST framework promotes five tenets for holistically managing cybersecurity:

  • Identify
  • Protect
  • Detect
  • Respond
  • Recover

The first, “Identify,” concentrates on assessing your situation to determine your level of jeopardy and ability to improve your posture:

  • Asset management – What cybersecurity resources – hardware, software, people – do we have in place? Which do we need to acquire? How many should be upgraded or trained?
  • Business environment – How are cyber crooks attacking our industry? Our type of organization?
  • Governance – Are we compliant with regulations such as data breach notification (DBN) protocols?
  • Risk management strategy – Have you developed a cybersecurity policy? If your answer here is “no,” then be sure to read the next installment in our Malware Manual series, “Building Your Cybersecurity Policy.”

Keep in mind as our “Malware Manual” series continues that aligning with the NIST framework alone does not guarantee a cybersecure organization. Implementing specific services, user education, and best practices around cybersecurity makes the difference.