Anthony O’Mara, vice president, EMEA, Malwarebytes, sheds light on a new malware that’s on the rise and why having a multi-layered security approach is key to thwarting this threat.
Among the primary objectives of Malwarebytes is helping organisations detect and mitigate the threats that have managed to slip through defence systems. Do you believe conventional security solutions such as an antivirus are now becoming obsolete?
Not necessarily, traditional solutions such as an antivirus, while still instrumental, are simply no longer sufficient in keeping IT systems secure. I think as the threat landscape evolves the nature of cyber-attacks are becoming more sophisticated. This requires organisations to deploy a multi-layered approach to cybersecurity and if they’re not doing that then they will be highly at risk to vulnerabilities.
We can never be 100 percent secured from every cyber threat. But with a multi-layered approach, you can at least narrow down the possibility of being attacked.
In your opinion, what kind of cyber threats should organisations be on the lookout for this year?
The connected nature of Internet of Things devices makes it prone to vulnerabilities and we can expect threat actors to continuously attempt to exploit this.
Last year, we have seen numerous ransomware incidents across the globe and this isn’t looking to slow down. People didn’t stop robbing banks just because banks got bigger vaults. They just found other ways to infiltrate it. It’s the same with cybercrime. As long as it is lucrative we can expect it to continue.
Another emerging trend that is increasingly becoming attractive to cybercriminals is cryptocurrency. As the value of cryptocurrencies increases, we can expect malicious cryptocurrency mining to become mainstream. Malicious cryptomining or cryptojacking is when someone else is using your computer to mine cryptocurrency like Bitcoin. The collected coins go into the attacker’s account and not yours, which means they are essentially stealing your resources to make money.
It can be done locally on the system or in the browser. This malicious activity takes advantage of your computer’s Central Processing Unit (CPU) and Graphics Processing Unit (GPU), running it at higher capacities. If such activity is running for a prolonged period of time it can potentially slow down every other process of your device, shorten the lifespan of your system, or ultimately damage your machine. Besides stealing your resources and slowing down your systems, being cryptomined could also make you more susceptible to other malware.
We have seen a big rise in cryptojacking activities during the past year and it is one of the fastest growing cyber threat to date. While malicious cryptomining is far less dangerous to the user than an attack like ransomware, its effects should not be underestimated.
How can organisations best protect themselves against cryptojacking and other future cyber-attacks?
Having a layered approach is always key. But it is important to note that as we get smarter, cybercriminals are also evolving. Just as soon as we find a way to stop them from exploiting one vulnerability, they find another one. It will always be a race between security teams and cyber-attackers. The only thing we can do is be prepared for these attacks by integrating an end-to-end cybersecurity strategy, from detection to response and ultimately recovery, only then can we ensure business continuity.
What can we expect from Malwarebytes moving forward?
A big part of our team is focused on the technical side of the business as we are very committed to continuously improving our products. Most companies are centred on the sales and marketing side of the business, we concentrate on accelerating our technical capabilities to develop solutions that go beyond the norm and find new ways of protection. I believe that this is also our competitive edge in the market.