Page 10 - AeM_May_2017
P. 10
RESEARCH, ANALYSIS & TRENDS
Naiveté, inadvertency and laziness
provide perfect breeding ground for
ransomware, like WannaCry
More and more networked devices, professionalized hackers to get past the perimeter, especially in an open
hacking groups, and the development of sophisticated environment which is commonplace for most organiza-
malware become a growing challenge for security man- tions today. By implementing a defense in depth ap-
agers as attacks are pushing the boundaries of tradition- proach, even if the hacker finds a way to break in, they
al security solutions. won’t be able to steal, or hold hostage, what’s inside”,
Irdeto’s expert explained.
The significance of the current threat level is obvious
when looking at the headlines of the past few days. The The increasing spread of memory-based attacks has
WanaCrypt0r 2.0 (also called WannaCry, been considered as particularly threatening: So-called
WannaCrypt, Wana Decryptor or WCry) ransomware ‘in-memory’ attacks use malicious programs that are
attacks clearly put the cat among the pigeons by target- only active in the memory and are executed there by
ing organizations that didn’t take cybersecurity serious legitimate software. Because no malware files remain
enough. It is believed to derive from NSA hacking tools on the hard drive, memory-based attacks are very diffi-
that were leaked earlier this year now even North Korea cult to detect afterwards. After a system reboot, for in-
is suspected to be the blackmailer. stance, nothing can point to the previous attack. Static
and antivirus solutions targeted at the detection of files
Anyway, according to Ben Gidley, Director of Technolo- are helpless in attacks of this kind and therefore practi-
gy, Irdeto, these ransomware attacks could have easily cally superfluous.
been avoided if organizations had their systems patched
properly and implemented a defense in depth approach While the number of traditional .exe-based attacks de-
to cybersecurity. He stated that “a patch was issued on creased somewhat, the number of file-less attacks has
March 14 to fix that vulnerability, so the organizations more than doubled and a further increase is expected,
affected by these attacks could have easily avoided be- according to reports. Particularly, foreign-intelligence
coming the latest ransomware victim. However, this neg- agencies increasingly rely on such disguised attack
ligence has resulted in PCs and data across several or- methods, which do not leave any artefacts on the file
ganizations to be held hostage.” “Currently, most compa- system and therefore have particularly high infection
nies focus on protecting their systems from the outside- rates.
in with strong perimeter security. But it’s too easy for
10 May 2017 - (Cyber) Security & Data Protection