UPDATED 17:27 EST / JULY 05 2018

EMERGING TECH

Fortinet security strategist sees rise in stealthy attacks as zero-day market matures

Crooks are getting smarter at covering their cyber tracks. The FortiGuard Labs’ Q1 2018 “Threat Landscape Report” sheds new light on the growth of designer malware, tools used by cybercriminals to infect systems in ways that are difficult to detect and harder to remove.

“Cybercriminals are evolving their attack methodologies to be able to increase their success rate, as well as being able to increase their infection rate,” said Anthony Giandomenico (pictured), senior security strategist and researcher at Fortinet Inc. “This whole zero-day market is getting more mature.”

Giandomenico spoke with Peter Burris (@plburris), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, in Palo Alto, California, to discuss new forms of malware that are harder to detect, a rise in stealth attacks controlled at will by cybercriminals, the growth of cryptojacking, and progress in handling enterprise botnet infections.

Fileless malware attacks

Because anti-virus software relies on previously discovered signatures to identify malware, zero-day attacks exploit unknown vulnerabilities. An example of this can be found in fileless malware, which made its presence felt in enterprise networks two years ago.

“Fileless malware is very stealthy,” Giandomenico explained. “It will use scripts to inject their actual payload into memory, with nothing on disk, so it makes it a lot more difficult to detect.”

Attackers are also doing reconnaissance on organizations now, according to Giandomenico. After breaching a firewall, criminals can move methodically across the network and place malware on systems of apparent value.

“Once they’re ready, they flip the switch and all of those systems now are held hostage,” Giandomenico said. “That impact is much greater to the business.”

Are there positive signs emerging in the cybersecurity world? While Fortinet’s report found a doubling in cryptojacking detections, this may be at least a milder annoyance to enterprises since this form of hacking steals computer resources to mine bitcoin rather than proprietary data.

Fortinet researchers were also encouraged by improvement in being able to resolve botnet infections. “What we were able to determine is 58 percent of organizations, within 24 hours, were able to clean up a particular botnet infection, which is actually pretty good,” Giandomenico conlcuded.

Watch the entire video interview with Giandomenico below, and be sure to check out more of SiliconANGLE’s and theCUBE’s CUBE Conversations.

Photo: SiliconANGLE

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU