How to Avoid Targeted Malware
Hackers often use basic malware to gain partial access to a secure system. Once this has succeeded, they have a foothold in the system and can start looking for additional information specific to the business or the data they are trying to access. By gathering more specific information through the malware already infecting a compromised server or servers, they can begin to construct custom malware to further exploit the system.
Custom malware is quickly becoming a new, laser-targeted method of breaching secure systems as hackers find specific weak points in a supposedly secure system. Dedicated server defenses need to thwart attacks every single time, whereas a single breach is all it takes for a hacker's intrusion to succeed.
Malware is not always delivered by the crude email phishing attempts that are, in most cases, easy to spot even for novices in the Internet of Things world we now live in. Custom malware can be tailored to a specific online business simply by basing phishing emails or sites on the industry the target is involved in. An online business accepting PayPal payments from its customers would receive PayPal-like phishing emails instead of nude photo links in an email.
Attacks need to go undetected for as long as possible to be deemed successful by the attackers. Not knowing how an attack succeeded once it is discovered is just as bad, since in most cases it will simply happen again. A backdoor opened for communication between the hackers and the dedicated servers, without administrators knowing about it and without triggering any intrusion alerts, is a worst-case scenario for any online business.
Finding the employees who are least knowledgeable is in many cases a “good” start for hackers, since starting with easy targets is the simplest way to gain access. Hackers generally do not start with the hardest access points unless that is all they are left with. That, in many ways, is what every online business wants to achieve: a situation where the hackers are forced to give up and move on.
Once cybercriminals gain access to the most basic part of a system, they can proceed from there to further their attacks, looking for additional pieces of information specific to that company through what seem like legitimate emails, access requests such as lost password retrieval, fake software updates, etc. In many cases, the initial targeted attack can be human-to-human, such as a simple phone call from someone pretending to be someone they are not, asking for (or demanding) access because their “job depends on it” and the employee is the only one who can help them.
A hacker with very good people skills can in many cases be the most damaging to a business, and those skills can be all that is needed for a targeted and highly customized malware exploit. By exploiting an employee's sympathy and good-hearted nature, several security measures can be bypassed in a flash.
Hackers are not always using computers as a medium to obtain unauthorized access.
Another example of targeted malware is a spoofed email that seems to come from a place that several employees frequent, such as a golf course, restaurant, or any number of the various club memberships that exist. The email carries an attachment, such as a PDF file, that looks innocent enough and appears to contain news about the establishment the employees frequent, until it is realized that the PDF file contained malware that slipped past the email server's security scans.
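The spoofed club newsletter described above can be checked on the defender's side before it reaches an inbox. The following is an added example, not code from the original article: it flags a message whose sender failed SPF or DKIM and whose PDF attachment declares active content. The function names, the `club.example` and `corp.example` domains, and the sample PDF fragments are all constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

# PDF name tokens that start active content; a club newsletter rarely needs them.
ACTIVE_PDF_TOKENS = (b"/JavaScript", b"/JS", b"/OpenAction", b"/Launch")

def triage(raw: bytes) -> list[str]:
    """Return reasons to quarantine a message (empty list = nothing found)."""
    msg = message_from_bytes(raw, policy=policy.default)
    reasons = []
    from_domain = parseaddr(str(msg["From"]))[1].rpartition("@")[2].lower()
    # The receiving mail server records its SPF/DKIM verdicts in this header.
    auth = str(msg.get("Authentication-Results", "")).lower()
    for check in ("spf", "dkim"):
        verdict = re.search(rf"\b{check}=(\w+)", auth)
        if verdict is None or verdict.group(1) != "pass":
            reasons.append(f"{check} did not pass for {from_domain}")
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        if data.startswith(b"%PDF-"):
            hits = [t.decode() for t in ACTIVE_PDF_TOKENS if t in data]
            if hits:
                reasons.append(f"{part.get_filename()}: active PDF content {hits}")
    return reasons

def build_sample(pdf: bytes, auth_results: str) -> bytes:
    """Build a constructed test message; every address and domain is made up."""
    m = EmailMessage()
    m["From"] = "Fairway Club <news@club.example>"
    m["To"] = "staff@corp.example"
    m["Subject"] = "Club newsletter"
    m["Authentication-Results"] = auth_results
    m.set_content("This month's news is attached.")
    m.add_attachment(pdf, maintype="application", subtype="pdf", filename="news.pdf")
    return m.as_bytes()

# Constructed PDF fragments (not complete documents), used only as test input.
PLAIN_PDF = b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n%%EOF\n"
ACTIVE_PDF = (b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog /OpenAction 2 0 R >>\nendobj\n"
              b"2 0 obj\n<< /S /JavaScript /JS (0) >>\nendobj\n%%EOF\n")
PASS = "mx.corp.example; spf=pass smtp.mailfrom=club.example; dkim=pass header.d=club.example"
FAIL = "mx.corp.example; spf=fail smtp.mailfrom=club.example; dkim=none"

if __name__ == "__main__":
    print(triage(build_sample(PLAIN_PDF, PASS)))
    for reason in triage(build_sample(ACTIVE_PDF, FAIL)):
        print(reason)
```

A plain byte search only sees tokens stored uncompressed, so a check like this complements the mail gateway's attachment scanning rather than replacing it.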
The Great Bank Robbery is a good example of how phishing and malware can be carried out even in supposedly the most secure of places. It goes to show that everyone can be a target, regardless of size. The longer malware remains undetected, the more damage it will inflict, whether financially, to a firm’s reputation, or both, and many times the firm's clients unfortunately have to suffer the consequences.
Custom malware can be especially difficult and troublesome when it comes to identifying the culprit of the attack. In many cases it is assumed to be an inside job, carried out by a former or current employee, since the custom malware required significant specific knowledge of a firm's cyber defenses. However, in many cases cybercriminals are more than happy to misdirect an investigation into making it look like an inside job.
Preventing hackers from getting a “foot in the door” with traditional malware, as mentioned earlier, is vital in blocking a custom targeted attack. Ensuring employees know about the tactics cybercriminals use can prevent them from becoming the gateway that bypasses a firm’s defenses. Cyber defenses are only as strong as the weakest link in the chain.