Crooks are getting smarter at covering their cyber tracks. The FortiGuard Labs’ Q1 2018 “Threat Landscape Report” sheds new light on the growth of designer malware, tools used by cybercriminals to infect systems in ways that are difficult to detect and harder to remove.

“Cybercriminals are evolving their attack methodologies to be able to increase their success rate, as well as being able to increase their infection rate,” said Anthony Giandomenico (pictured), senior security strategist and researcher at Fortinet Inc. “This whole zero-day market is getting more mature.”

Giandomenico spoke with Peter Burris (@plburris), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, in Palo Alto, California, to discuss new forms of malware that are harder to detect, a rise in stealth attacks controlled at will by cybercriminals, the growth of cryptojacking, and progress in handling enterprise botnet infections.

Fileless malware attacks

Because anti-virus software relies on previously discovered signatures to identify malware, zero-day attacks exploit unknown vulnerabilities. An example of this can be found in fileless malware, which made its presence felt in enterprise networks two years ago.

“Fileless malware is very stealthy,” Giandomenico explained. “It will use scripts to inject their actual payload into memory, with nothing on disk, so it makes it a lot more difficult to detect.”

Attackers are also doing reconnaissance on organizations now, according to Giandomenico. After breaching a firewall, criminals can move methodically across the network and place malware on systems of apparent value.

“Once they’re ready, they flip the switch and all of those systems now are held hostage,” Giandomenico said. “That impact is much greater to the business.”

Are there positive signs emerging in the cybersecurity world? While Fortinet’s report found a doubling in cryptojacking detections, this may be at least a milder annoyance to enterprises since this form of hacking steals computer resources to mine bitcoin rather than proprietary data.

Fortinet researchers were also encouraged by improvement in being able to resolve botnet infections. “What we were able to determine is 58 percent of organizations, within 24 hours, were able to clean up a particular botnet infection, which is actually pretty good,” Giandomenico conlcuded.

Watch the entire video interview with Giandomenico below, and be sure to check out more of SiliconANGLE’s and theCUBE’s CUBE Conversations.

Photo: SiliconANGLE