Last month, I wrote about malware and its impact on businesses. I want to expand on that topic this week as malware is one of the fastest growing threats the security industry is facing. As a matter of fact, a 2012 survey conducted by security firm Panda Labs, found that 32 percent of users had malware-infected devices.
The process of malware fraud is simple. A cyber criminal sets up a malicious webpage with a domain name that is similar to a well-known site or injects malicious content into a legitimate site. An employee is then at risk of infecting his or her computer with this malicious content. This can be done by clicking on a link in an email, on a website or even just visiting a legitimate website that is infected with drive-by malware.
The impact of a business device infected with malware can be devastating. When a device has malware, it is not just a single account or online identity that is at issue, but all the traffic or data that is stored on the device. If the right device is infected with malware, cybercriminals gain access to a wealth of sensitive and private information. Take for example the recent Target and Neman Marcus breaches -- both were caused by malicious software that was installed on a company computer.
We can expect to see a continued increase in major malware-related breaches in 2014. There are three increasingly popular types of malware fraud that businesses need to focus on protecting against: Point of Sale malware, ransomware and malvertisements.
Point of Sale (POS) malware has been a hot topic of late due to the recent Target and Neiman Marcus breaches. Point of Sale (POS) systems are designed in a certain way that makes it difficult for cyber criminals to steal information. The payment card industry has a set of standards that require encryption of payment data when it is transmitted. However, at some point in the transaction process, the POS system has to decrypt this data to process the payment. This is where the malware comes in. POS malware identifies where the decryption is taking place and then harvests the sensitive data. The malware sends the data to an off-site database where it is then stored for future use. The retail industry's high volume of credit card and debit card transactions make them a prime target for POS malware and the FBI has warned retailers to prepare for more cyber attacks.
Ransomware is another type of malware that businesses are going to see more of, especially small businesses. Ransomware is installed on a computer when an unsuspecting employee clicks on a bad link and downloads an infected file. The malware begins encrypting personal files on the device. Once that is done, an alert will appear requiring payment in exchange for decrypting the encrypted files. If you don't pay, the files will be erased. One of the most popular strains of ransomware, called CryptoLocker, demands huge sums and gives users only 72 hours to pay. Needless to say if a business does not have backups of the encrypted files, the negative impact of this malware can be brutal.
One of the reasons, if not the main reason that ransomware has grown to be such a big issue is the large increase in availability and value of virtual anonymous electronic currencies like Bitcoin. Anonymous, online currencies allow cyber criminals to effectively extract real value directly from an infected user without having to worry about being identified, traced back or having their payments blocked or suspended by a legitimate financial entity.
Malvertisements is a word we expect to hear more of throughout 2014. A malvertisement is basically an advertisement on the Internet that delivers malware to the user. In Early January, Yahoo confirmed that malware was served in ads on its homepage. It is estimated that two million European users could have been hit. The challenge with malvertisements is they can turn any legitimate, business website into a malware delivery platform. This is a growing problem for both businesses and consumers. Businesses need to be aware of this threat and implement security measure to monitor for and guard against it. Similarly, consumers need to be aware and monitor their devices closely for signs of malware. Even those that practice "safe surfing" (not falling for phishing scams, only visiting legitimate, vetted sites) can easily fall victim to this threat.
When protecting against any type of malware, education is the first step. Employees should be coached on the causes and effects of these types of malware, how they are being transmitted and what to do if they think their device might be compromised. However, as malvertisements demonstrate, even education doesn't promise security. It is up to the business to ensure the proper firewalls and security measures are in place. For consumers, one of the best things to do is to keep an eye on your bank accounts for suspicious transactions and consider an identity monitoring service that can alert you if your personal information has been compromised.
Follow Joe Ross on Twitter: www.twitter.com/@CSIdentity