Fortinet security strategist sees rise in stealthy attacks as zero-day market matures - SiliconANGLE

UPDATED 17:27 EDT / JULY 05 2018

EMERGING TECH

Fortinet security strategist sees rise in stealthy attacks as zero-day market matures

by Mark Albertson

Crooks are getting smarter at covering their cyber tracks. The FortiGuard Labs’ Q1 2018 “Threat Landscape Report” sheds new light on the growth of designer malware, tools used by cybercriminals to infect systems in ways that are difficult to detect and harder to remove.

“Cybercriminals are evolving their attack methodologies to be able to increase their success rate, as well as being able to increase their infection rate,” said Anthony Giandomenico (pictured), senior security strategist and researcher at Fortinet Inc. “This whole zero-day market is getting more mature.”

Giandomenico spoke with Peter Burris (@plburris), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, in Palo Alto, California, to discuss new forms of malware that are harder to detect, a rise in stealth attacks controlled at will by cybercriminals, the growth of cryptojacking, and progress in handling enterprise botnet infections.

Fileless malware attacks

Because anti-virus software relies on previously discovered signatures to identify malware, zero-day attacks exploit unknown vulnerabilities. An example of this can be found in fileless malware, which made its presence felt in enterprise networks two years ago.

“Fileless malware is very stealthy,” Giandomenico explained. “It will use scripts to inject their actual payload into memory, with nothing on disk, so it makes it a lot more difficult to detect.”

Attackers are also doing reconnaissance on organizations now, according to Giandomenico. After breaching a firewall, criminals can move methodically across the network and place malware on systems of apparent value.

“Once they’re ready, they flip the switch and all of those systems now are held hostage,” Giandomenico said. “That impact is much greater to the business.”

Are there positive signs emerging in the cybersecurity world? While Fortinet’s report found a doubling in cryptojacking detections, this may be at least a milder annoyance to enterprises since this form of hacking steals computer resources to mine bitcoin rather than proprietary data.

Fortinet researchers were also encouraged by improvement in being able to resolve botnet infections. “What we were able to determine is 58 percent of organizations, within 24 hours, were able to clean up a particular botnet infection, which is actually pretty good,” Giandomenico conlcuded.

Watch the entire video interview with Giandomenico below, and be sure to check out more of SiliconANGLE’s and theCUBE’s CUBE Conversations.

Photo: SiliconANGLE

Since you’re here …

… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.