The Troubling Evolutionary Success of Malware

The five tactical keys to the success of today’s viruses and malicious software

As malware evolves at an increasingly accelerated speed, it’s becoming more and more difficult for antivirus software to keep up. This year’s Microsoft Security Intelligence Reports indicated that over 40 million Windows systems were infected with some form of malware last year. Google researchers found that only 25% of real-world malware was detected by common antivirus scanners. Even when they were combined, the scanners were only able to detect 40% of infected downloads.

In order to defend against them, we need to know what is contributing to their success. Security experts have identified five strategies that make today’s malware so successful.

1. Start with the old and sick.
Out-dated and under protected computers are easy prey for viruses and malware. According to Microsoft’s Security Intelligence Report, systems with out-of-date antivirus software, unpatched system software, or no defenses at all have a 1-in-80 chance of being infected on any given month. Whereas a fully-patched, fully updated and protected system has a 1-in-500 chance.

2. Infect in real-time.
Instead of being attached to emails, which give a scanner time to find it, viruses today are coming through a browser or live internet connection. These types of malware can evade detection up to 4 times longer than email-associated malware.

3. Change faces.
Viruses and malware are more frequently able to adapt and change on the fly in order to escape detection. This polymorphism adds a level of randomness that makes it difficult for a scanner to recognize and detect its signature.

4. Lay low.
Just as some pathogens in the real world have a period of time where they lay dormant inside the body, malicious programs can be programed to sleep until a certain action or passage of time activates them.

5. Hiding is half the battle.
Malware today is becoming increasingly adept at actively hides itself from scanners. This evading is so crucial for the program to succeed that over half of its code may be dedicated to bypassing a system’s defenses.

Original article by Robert Lemos.
Read the full story here.

Related Posts

Considerations – Why you should choose infotex, Inc. as your next MSOC!

Reasons why we should be considered! infotex provides a number of services that can be checked out if you click over to! We even made a movie with all the reasons why infotex...

The Magnificent Seven 2023

Seven Trends . . . …that small bank Information Security Officers face in 2023 Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Welcom...

Cybersecurity Awareness Month Awareness Poster

About Services Audit & Assessment Policies & Procedures EDR/MDR/XDR Managed SIEM Consulting Services Network Monitoring Education Resource Library Webinars & Workshops V...