About Us | Contact Us
View Cart

The Troubling Evolutionary Success of Malware

By Vigilize | Friday, May 3, 2013 - Leave a Comment

The five tactical keys to the success of today’s viruses and malicious software

As malware evolves at an increasingly accelerated speed, it’s becoming more and more difficult for antivirus software to keep up. This year’s Microsoft Security Intelligence Reports indicated that over 40 million Windows systems were infected with some form of malware last year. Google researchers found that only 25% of real-world malware was detected by common antivirus scanners. Even when they were combined, the scanners were only able to detect 40% of infected downloads.

In order to defend against them, we need to know what is contributing to their success. Security experts have identified five strategies that make today’s malware so successful.

1. Start with the old and sick.
Out-dated and under protected computers are easy prey for viruses and malware. According to Microsoft’s Security Intelligence Report, systems with out-of-date antivirus software, unpatched system software, or no defenses at all have a 1-in-80 chance of being infected on any given month. Whereas a fully-patched, fully updated and protected system has a 1-in-500 chance.

2. Infect in real-time.
Instead of being attached to emails, which give a scanner time to find it, viruses today are coming through a browser or live internet connection. These types of malware can evade detection up to 4 times longer than email-associated malware.

3. Change faces.
Viruses and malware are more frequently able to adapt and change on the fly in order to escape detection. This polymorphism adds a level of randomness that makes it difficult for a scanner to recognize and detect its signature.

4. Lay low.
Just as some pathogens in the real world have a period of time where they lay dormant inside the body, malicious programs can be programed to sleep until a certain action or passage of time activates them.

5. Hiding is half the battle.
Malware today is becoming increasingly adept at actively hides itself from scanners. This evading is so crucial for the program to succeed that over half of its code may be dedicated to bypassing a system’s defenses.


Original article by Robert Lemos.
Read the full story here.

Latest News
    The One Test… …Is there a Test that Covers 9/11’s of the Battle? Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Twenty years ago two geek-friends and I debated the following question:  “Is there an Audit Test that covers 9/11’s of the battle?” This […]
    PRESS RELEASE – FOR IMMEDIATE RELEASE BUSINESS NEWS NEW EMPLOYEE FOR INFOTEX infotex has just hired Tanvee Dhir, to be a new Data Security Analyst. “Tanvee is an outstanding addition to the team, bringing a new skillset we are eager to utilize.” says Chad Smith, NOC Manager of infotex. “I am really excited to be […]
    While we’re not a news service, we often use current events to comment on trends and our services. This blog is intended to get people thinking about topics and trends in Technology Risk Management, through our article reviews, as well as through original blog articles about current events and our MSSP services (such as our […]
    Seven Trends . . . that small bank Information Security Officers face in 2021 Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Welcome to the Magnificent Seven, my annual predictive article about the seven trends in technology that will impact the Information Security Officers of […]
    Top Seven Risks . . . that small bank Information Security Officers face in 2021 Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Once again, I compile this list in preparation for updating our normal board of directors awareness training PowerPoints and movies and such. […]