Intelligent CIO North America Issue 6 - Page 82


Malware : Trends , defense strategies and incident response planning

Threat actors have leveraged the fear and uncertainty created by the global pandemic to ramp up their social engineering and malware attacks – both of which can be hugely detrimental for organizations . Sherrod DeGrippo , Senior Director , Threat Research and Detection , Proofpoint , highlights the malware trends organizations need to be aware of and offers some key advice to CISOs building their incident response plans .

tThe impact of COVID-19 on the threat landscape

“ As we saw the situation develop over the past several months , beginning at the early part of 2020 , as things started to move west , we were definitely questioning how this current event would impact the threat landscape and we saw the first use of COVID-19 in social engineering attacks in late January .
“ Those were against targets in the West , so it was absolutely something that was on the mind of the threat actors and started quite early as that news came in ,” DeGrippo explained .
As the situation has developed , threat researchers have identified much more specific and tailored techniques .
“ Instead of just talking about the virus , we see social engineering talking about the vaccine , or saying ‘ click here to see a list of people who have been infected in your area ’. We see it used as a way to push for urgency .”
Where the threats are coming from and the motivation behind them
DeGrippo highlights that ‘ just about every ’ actor on the landscape has leveraged the pandemic in some way – from the typical commodity , crimeware actors to state
82 INTELLIGENTCIO NORTH AMERICA www . intelligentcio . com