6 weird malware tricks hackers use to bypass security



The mobile malware deluge everybody has been warning about may not be upon us – yet. But a couple of security experts say this should not lull businesses into a false sense of security.

Tablets, smartphones, laptops and desktops are primary targets of cybercriminals and they continue to change their tactics and arsenal to avoid detection, according to Nicholas Percoco and Jibran Ilyas.

Percoco is senior vice president of SpiderLabs, a team of ethical hackers and researchers at Trustwave, a Chicago-based data security and payment card industry compliance management software company. Ilyas is senior security consultant for forensics at Trustwave. Percoco and Ilyas will be speaking in a forum titled Malware Freak Show at the upcoming SecTor security conference in Toronto next month.

In a talk with ITBusiness.ca recently, Ilyas and Percoco outlined six new tactics that cyber criminals are currently employing to circumvent anti-malware tools and to avoid detection.

The days when hackers and cyber criminals launched a one-shot attack with a single weapon are long gone, according to Percoco, who has more than 14 years of information technology security experience under his belt. “Much like legitimate software developers, malware coders now follow a software life cycle development pattern,” he said.

“Malware is created with future variants already in mind so as to make it harder for anti-malware tools and security researchers to zero in on the attackers,” Ilyas said.

Here are six cyber tricks that have become popular in the last two years:

Impersonation – As recently as 2009, attackers were fond of using off-the-shelf malware with names that actually identified them as malware, according to Ilyas. “Forensic experts investigating an infected machine would find embedded malware named something like networksniffer.exe or keylogger.exe. It was pretty easy to identify them as malicious.”

Increasingly, however, malware developers have been naming their creations so that they appear to be legitimate files. For example, some malware is coded to look like real Windows files, said Ilyas.

One solution is to concentrate on the behaviour of the suspect file, he says. “Stalk the process not the label. Find out how the suspect file is behaving and what it is doing to the system.”
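As an added illustration (not from the article or from Trustwave), the Python sketch below looks past the file name by checking where a process image runs from and what launched it, and flags near-miss spellings of system names. The baseline table reflects a default Windows install and is an assumption, as are the function name and the constructed sample records.

```python
from difflib import SequenceMatcher
from ntpath import basename, dirname  # parses Windows paths on any OS

# Assumed baseline for a default Windows install:
# image name -> (expected directory, expected parent or None if it varies)
BASELINE = {
    "svchost.exe": (r"c:\windows\system32", "services.exe"),
    "services.exe": (r"c:\windows\system32", "wininit.exe"),
    "lsass.exe": (r"c:\windows\system32", "wininit.exe"),
    "explorer.exe": (r"c:\windows", None),
}


def check_process(image_path, parent_name):
    """Return the reasons a process looks like it is impersonating a system file."""
    name = basename(image_path).lower()
    folder = dirname(image_path).lower()
    findings = []
    if name in BASELINE:
        expected_dir, expected_parent = BASELINE[name]
        # Trusted name, wrong location: the label matches, the file does not.
        if folder != expected_dir:
            findings.append(f"{name} runs from {folder}, expected {expected_dir}")
        # Trusted name, wrong launcher.
        if expected_parent and parent_name.lower() != expected_parent:
            findings.append(f"{name} started by {parent_name}, expected {expected_parent}")
    else:
        # Near-miss spelling of a trusted name (for example a digit for a letter).
        for known in BASELINE:
            if SequenceMatcher(None, name, known).ratio() >= 0.85:
                findings.append(f"{name} resembles system file {known}")
                break
    return findings


# Constructed sample records: (image path, parent process name)
SAMPLES = [
    (r"C:\Windows\System32\svchost.exe", "services.exe"),
    (r"C:\Users\Public\svchost.exe", "explorer.exe"),
    (r"C:\Windows\System32\svch0st.exe", "services.exe"),
    (r"C:\Program Files\App\notepad.exe", "explorer.exe"),
]

if __name__ == "__main__":
    for path, parent in SAMPLES:
        print(path, "->", check_process(path, parent) or "no findings")
```

A clean result here only means the name, path and parent are consistent; what the process does on the system still has to be examined.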

Stealing data in transit – With the increasing awareness of the need to encrypt data, attackers are now more frequently going after data in transit, where more often than not encryption is not used, said Percoco. Data in temporary storage such as credit card and is also generally not encrypted until they are stored in back-end servers.


Article source: http://www.itbusiness.ca/it/client/en/home/News.asp?id=64253
