Intelligent CIO North America Issue 6 - Page 83

FINAL WORD
Malware trends of which organizations should be aware
“Malware is something that's always evolving – that's one of the things that we can count on. It’s never the same day-to-day, week-to-week,” DeGrippo said, highlighting that the last year had seen the emergence of two similar types of malware that work together.
“The first is the age of the modular downloader. These downloader malware samples essentially get on a machine and then they download second, third and later stage payloads, meaning that the threat actor can make a decision about what is actually put on that machine in the end.
“Something you've all been hearing a lot about is, of course, ransomware. What we've noticed is that these operator control downloaders are typically the delivery vehicle for ransomware when the threat actor makes the decision that ransomware is the right choice.”
Most detrimental types of malware for enterprises
“It really depends on what your operations look like day to day – a banking trojan which steals money out of a bank account may be really devastating for some businesses if they operate on a really tight cash flow, whereas if there is ransomware on a few machines they might be able to turn those around quickly,” DeGrippo said.
sponsored and smaller actors behind the likes of BEC and email fraud.
“When it comes to motivation for attacks like these, typically they're financially motivated. Of course, the state sponsored actors are motivated by espionage and nation state type interests, but for the most part, the motivations that these actors have hasn't really changed, the social engineering wars that they're leveraging is what has become the new thing,” she said.
Vertical and regional targets
While such attacks originally started with a focus on targets in the west, these have now become so widespread they are no longer considered ‘unusual’. DeGrippo said: “At this point, anyone, anywhere, is subject to potentially getting a COVID-19 social engineering attack.
“We see these day in and day out now, in all kinds of different ways. So, it's really become the standard.”
However, ransomware in large-scale deployment has been ‘absolutely devastating’ for organizations. Historically, ransomware would be on one machine and, while inconvenient, could generally be taken care of by the IT team.
“The new ransomware landscape is about a much more deliberate and strategic approach, where the threat actors are looking to ransom an entire company, their entire business operations and shut that whole organization down at once in order to get a much larger ransom payment,” said DeGrippo.
“We used to see US$100 to US$800 for ransoms. Now we're seeing ransoms in the millions, because what they're able to ransom is no longer just files, but an entire company's ability to operate.”
How successful threat actors are in obtaining these ransoms
“Typically in my line of work we look to stop these things before they ever get to those end-users but, from what I have seen in the media, it does appear that a lot of