When it comes to active malware infection, as many as 18.5 percent of a company's computers are actively communicating with criminals, according to Damballa's “State of Infections” report.

No firm is exempt, as this occurs across both large and small enterprises, the study found. Company policies, more than company size, determine the “cleanliness” of any given network.

“We recommend that security teams work under the assumption that prevention is not fail proof, so the ability to automatically detect and accelerate the time to response is essential to minimizing risk,” says Brian Foster, CTO of Damballa, a firm that detects active threats and provides cyber protection and containment.

Damballa reports that the past 18 months have seen a rise in Kovter ransomware infections, so-called because they lock the victim out of his or her computer until the victim agrees to pay a fee, which can be as high as $1,000. At their height, these infections reached 43,713 devices in a single day. Month over month, average daily infections increased 153 percent in May and 52 percent in June.

However, there is some good news: Ransomware was dealt a crippling blow after the Department of Justice initiated Operation Tovar, which aimed to dismantle the GameOver Zeus botnet and its destructive payload CryptoLocker. The DOJ estimates that CryptoLocker compromised more than 260,000 computers worldwide, about half of which occurred in the U.S. More than $30 million in ransom was collected between September and December 2013, the FBI reports.

“When it comes to mass infections, we can apply best practices from Operation Tovar as a blueprint for managing global cyber public health,” Foster says. “It underscores the need for continued, coordinated efforts across the security community.”

These best practices for a malware takedown include:

  • Global partnerships between public and private entities;
  • Criminal and civil legal processes designed to stop communications between infected computers;
  • Cooperation from domain registrars who agreed to block or sinkhole the DGA elements of the infections; and
  • Mass notification of victims and easy access to malware removal kits.
