More malicious than ever: Preparing for today’s and next-generation malware attacks

By Martin Zich

Malware is a shortened version of “malicious software.” And we are just now finding out how malicious that “ware” can be. Not that we have not faced malware threats in the past. But the malware we are starting to see today … and the threats we anticipate seeing in the future … give a new meaning to maliciousness and destructiveness.

Upping the threat level 

Today’s malware uses various techniques to defend against detection, such as polymorphic files, encryption, sandbox awareness during detection and more. But an even bigger problem is the number of new types of malware being created. That’s because it is now really easy to create custom malware. Even a person with average IT skills can do it. We will also be dealing with a huge amount of simple “one-purpose” malware, which may not be so advanced but simply takes advantage of already known weaknesses. The sophistication of infection, hiding and pivoting techniques will probably still keep rising.

Note that the widespread adoption of cloud and hybrid environments further complicates the situation. By adopting those solutions, companies need to accept giving up some of their control and visibility as well. Suddenly your information is not only on your server but also somewhere in the cloud, so you may need to adopt specific techniques and controls to mitigate the risk of its leakage or loss of integrity. Critical information could travel across public networks. You may be sharing physical infrastructure with other companies of all types and locations.

So how does an enterprise deal with these growing threats? 

Aligning the response

The best way to make a bad situation better is to adopt adequate machine learning defense, based on the experience gained by other similar organizations and users in the cyber-world. Cyber professionals will focus more on threat vectors and specific scenarios rather than on specific malware in order to create an effective defense.

In terms of an organization’s security governance, there will be increased pressure on correct risk management, where it all starts, and on the connected processes such as vulnerability management with immediate patching. Organizations also need to make sure that the “safety net” created by business continuity and disaster recovery truly covers everything that “may break,” and that residual risks are correctly recognized and accepted. Organizations should simply assume a major disruption, and not only during BC/DR design.

A really good move: partnering with HPE Pointnext

HPE Pointnext has developed a set of best practices to protect against today's rising number of sophisticated known and upcoming unknown malware threats. Our approach is based on extensive experience gained from helping companies around the world, large and small, during their major disruptions. That experience helps us identify and address the most critical and vulnerable areas. It also enables us to estimate the consequences of a practice we may observe. That is very helpful for organizations that would prefer to learn from others’ mistakes rather than from their own.

Basically, HPE Pointnext has sets of services that cover an enterprise’s entire cyber-security story – starting at the governance level and going down to deep technical details – to create the overall security posture that’s right for them.   

Fighting back  

It is important to remember that security really needs to be part of the planning and design of every project. This approach will eliminate many painful additional and unplanned changes, which not only cost money or increase the risk of being breached but also cause plans to run significantly longer and make employees, management and other stakeholders really unhappy.

Also keep in mind that cyber-security is an ongoing thing. It simply never ends … just like technology evolution seems to be never-ending. You need to create a plan to ensure that your security posture remains just as effective tomorrow as it is today. 

HPE can help you in all of these areas.

Martin Zich is a cyber-security consultant and a member of the HPE Worldwide security team. He has 10 years of experience in the security industry and focuses on various cyber-defense and attacking techniques and on connected solutions and products to ensure information security, privacy and overall cyber-resiliency. Martin specializes in both deep-diving technical advisory and overall cyber-security strategies, correct governance and addressing various compliance requirements.
