Malware attacks involve malicious software, viruses, ransomware, and Trojan horses that are capable of compromising and infecting servers, laptops, computers, tablets, and smartphones.
Other malware variations include:
- Spyware, worms, rootkits, botnets,
- Dialers, keyloggers, adware,
- Malicious Browser Helper Objects (BHO) among others
A Cyber Security Threat Twist
One of the newer malware tactics, known as Power Worm and CRIGENT, attacks by using infected Microsoft Excel spreadsheets or Word docs. Power Worm connects with a server and downloads a malicious PowerShell script that collects and transmits system information back to the attack base with the user's server, account privilege level, IP address, and geographic location – and then waits for commands from the attacker command center [1].
Power Worm also compromises information security by lowering Office security settings and making registry entry changes which result in an infection of all Excel and Word docs on the system.
This attack maneuver is executed using Windows PowerShell to carry out system breach attacks rather than including executable code. PowerShell is an ideal choice to conceal malware because the familiar interactive shell and scripting tool is available for Windows' current versions. And, starting from Windows 7 onward, it's a built-in feature. This cyber security threat is easy to miss even by experienced IT admins because it's not an especially common technique.
Malware Advances
Malware, such as the Zeus toolkit can drain bank accounts in just a matter of seconds. Zeus, one of the most powerful financial trojan platforms, is responsible for the theft of hundreds of millions of dollars globally.
Two primary vectors used to combat financial malware are specialized endpoint protection and backend protection using multiple controls which are not obvious to the average banking customer.
Back-end solutions involve implementing protection that may be supported by resource-intensive build-outs of antifraud risk engines built on big data, utilizing dual custody for wire and ACH transactions, and limiting customers' transfer amounts. Given the scope of this approach, more banks are relying on endpoint protection software solutions on the customer's endpoint that typically involves PC as well as Apple Macintosh computers and devices.
Securing Against the Unknown
The CimTrak Security software suite is an excellent solution for enterprises looking to increase their cybersecurity posture and take action against future compromises. The most recent updates bundled into the 2.0.6.17 CimTrak release are capable of not only preventing unwanted file writes (changes to critical documents and data) but also tracking the reads of protected files by organization users as well.
Get in contact with our team to find out how CimTrak can prepare your organization against attacks and remain secure!
References
Tags:
Post by
Jacqueline von Ogden
May 22, 2014
May 22, 2014
Since 1999, Jacqueline has written for corporate communications, MarCom agencies, higher education, and worked within the pharmacy, steel and retail industries. Since joining the tech industry, she has found her "home".