Intelligent CISO Issue 32 | Page 33

PREDICTIVE
INTELLIGENCE

Malware :

Trends , defence strategies and incident response planning

Threat actors have leveraged the fear and uncertainty created by the global pandemic to ramp up their social engineering and malware attacks – both of which can be hugely detrimental for organisations . Sherrod DeGrippo , Senior Director , Threat Research and Detection , Proofpoint , highlights the malware trends organisations need to be aware of and offers some key advice to CISOs building their incident response plans .
Sherrod DeGrippo , Senior Director , Threat Research and Detection , Proofpoint

tThe impact of COVID-19 on the threat landscape

“ As we saw the situation develop over the past several months , beginning at the early part of 2020 , as things started to move west , we were definitely questioning how this current event would impact the threat landscape and we saw the first use of COVID-19 in social engineering attacks in late January . Those were against targets in the West , so it was absolutely something that was on the mind of the threat actors and started quite early as that news came in ,” DeGrippo explained .
As the situation has developed , threat researchers have identified much more specific and tailored techniques . “ Instead of just talking about the virus , we see social engineering talking about the vaccine , or saying ‘ click here to see a list of people who have been infected in your area ’. We see it used as a way to push for urgency .”
Where the threats are coming from and the motivation behind them
DeGrippo highlights that ‘ just about every ’ actor on the landscape has leveraged the pandemic in some way – from the typical commodity , crimeware actors to state sponsored and smaller actors behind the likes of BEC and email fraud .
“ When it comes to motivation for attacks like these , typically they ’ re financially motivated . Of course , the state-sponsored actors are motivated by espionage and nation state type interests , but for the most part , the motivations that these actors have hasn ’ t really changed , the social engineering wars that they ’ re leveraging is what has become the new thing ,” she said .
Vertical and regional targets
While such attacks originally started with a focus on targets in the west , these have now become so widespread they are no longer considered ‘ unusual ’. DeGrippo said : “ At this point , anyone , anywhere , is subject to potentially getting a COVID-19 social engineering attack . We see these day-in and day-out now , in all kinds of different ways . So , it ’ s really become the standard .”
Malware trends of which organisations should be aware
“ Malware is something that ’ s always evolving – that ’ s one of the things we www . intelligentciso . com
33