EMERGING TECH
EMERGING TECH
EMERGING TECH
Fortinet security strategist sees rise in stealthy attacks as zero-day market matures
Crooks are getting smarter at covering their cyber tracks. The FortiGuard Labs’ Q1 2018 “Threat Landscape Report” sheds new light on the growth of designer malware, tools used by cybercriminals to infect systems in ways that are difficult to detect and harder to remove.
“Cybercriminals are evolving their attack methodologies to be able to increase their success rate, as well as being able to increase their infection rate,” said Anthony Giandomenico (pictured), senior security strategist and researcher at Fortinet Inc. “This whole zero-day market is getting more mature.”
Giandomenico spoke with Peter Burris (@plburris), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, in Palo Alto, California, to discuss new forms of malware that are harder to detect, a rise in stealth attacks controlled at will by cybercriminals, the growth of cryptojacking, and progress in handling enterprise botnet infections.
Fileless malware attacks
Because anti-virus software relies on previously discovered signatures to identify malware, zero-day attacks exploit unknown vulnerabilities. An example of this can be found in fileless malware, which made its presence felt in enterprise networks two years ago.
“Fileless malware is very stealthy,” Giandomenico explained. “It will use scripts to inject their actual payload into memory, with nothing on disk, so it makes it a lot more difficult to detect.”
Attackers are also doing reconnaissance on organizations now, according to Giandomenico. After breaching a firewall, criminals can move methodically across the network and place malware on systems of apparent value.
“Once they’re ready, they flip the switch and all of those systems now are held hostage,” Giandomenico said. “That impact is much greater to the business.”
Are there positive signs emerging in the cybersecurity world? While Fortinet’s report found a doubling in cryptojacking detections, this may be at least a milder annoyance to enterprises since this form of hacking steals computer resources to mine bitcoin rather than proprietary data.
Fortinet researchers were also encouraged by improvement in being able to resolve botnet infections. “What we were able to determine is 58 percent of organizations, within 24 hours, were able to clean up a particular botnet infection, which is actually pretty good,” Giandomenico conlcuded.
Watch the entire video interview with Giandomenico below, and be sure to check out more of SiliconANGLE’s and theCUBE’s CUBE Conversations.
Photo: SiliconANGLE
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
