As we approach the first anniversary of the massive Target data breach that opened the floodgates for thousands of other attacks, we look at whether security measures are better or worse than last year. Are we better prepared to defend against the malware that took out Target, Home Depot and thousands of smaller firms, or is the malware used in these attacks simply outrunning us?
The news is not encouraging. PandaLabs, the research arm of security firm Panda, has been tracking new malware for years. According to the company, more than 50 million new strains of malware have emerged since the Target attack, and 20 million of those strains were detected in the third quarter of this year alone. Using those numbers, that works out to a stunning 227,000 new strains of malware being introduced to the world every single day for just the last twelve weeks.
The vast majority of new malware strains and infections, more than 75% of them, were Trojans. This malware is not having much trouble finding computers and servers to infect. According to Panda, more than a third of personal computers worldwide are now infected with malware.
These statistics are even more important as we approach the busy holiday season. With more people online, surfing, searching and shopping, the spread of malware will only increase, and much of this could be Point of Sale malware.
Close cousins of the malware that was used in the massive data breaches at Home Depot and Target are now on the march. The Backoff malware, which is widely regarded as undetectable by antivirus software, increased by nearly 30% in September alone according to security firm Damballa.
Businesses are not the only targets. Researchers recently found advanced malware known as Black Energy that has been compromising industrial control systems around the world, undetected, possibly for years. As with many of the most sophisticated attacks, they have often started with a phishing email to an unsuspecting or untrained employee.
Much of this malware lies in wait for its victims. The recently discovered Dark Hotel malware has been infecting hotel Wi-Fi networks around the world. The malware lies in wait for visiting guests to use the network, then tricks them into downloading malware that includes a keylogger and other data stealing components. While all guests are vulnerable, the prime targets are traveling executives who may provide access to sensitive corporate information and networks.
So what can you do to minimize the risk? The answer is in the question. With so much malware now able to evade antivirus software, it’s time to start assuming that risk mitigation is a better and more realistic option than absolute prevention
Your best defense is a “shield’s up” approach. Identify the most common ways malware can enter your business, whether it’s through an unprotected website or a careless employee, and patch the holes in the fence.
If you’re going to assume that you can’t keep all malware out, you can still do many things to reduce the potential damage. User privilege management is one of the best defenses. If you strictly limit the access privileges of your users to just the things they absolutely need access to, you can prevent malware from jumping from the lowest level of access to the highest.
As we approach the first anniversary of the Target breach, it’s worth remembering how the attack started. Target granted almost unlimited access to a lower level employee of a small, outside, service company. Once the hackers had the user’s password, they had undetected access to Target information for months. Make sure that you’re doing everything you can to prevent these types of attacks. Don’t become the next headline. To get started on the path to a secure website, contact SiteLock for a free website security analysis.