Posted by: Greg Ness | September 29, 2017

Predatory Malware is Rendering Existing Security Infrastructure Irrelevant

Malware has evolved to evade traditional security defenses and move laterally looking for vulnerabilities.  It may even force a generational shift in security. In a recent CUBE interview with security expert Junaid Islam, host John Furrier asks Junaid a question about the state of security in a new era of nation-sponsored activities and IoT.

UPDATE October 28, 2017: Also see the recent article in Daily Caller: Russia Testing Hybrid War Capabilities in Ukraine. “What happens in Ukraine doesn’t stay in Ukraine.”

Both the questions and answers are revealing in terms of what kind of shift in thinking is required for increasingly interconnected enterprises in an age of state-sponsored attacks.

“Generational Shift”

John called it a generational shift. He suggested security might even require a “do over.” What has changed beyond the exponential growth in IoT and digital supply chain connectivity? Perhaps it is the evolution of predatory malware that moves laterally through layers of existing solutions in search of vulnerabilities. Once in, it has access to increasingly complex configurations of devices, drivers and servers, a kind of hackers’ playground that was once protected against attack and is now exposed. Because of digitalization, the stakes are higher than ever.

As Junaid says, increased interconnectedness leads to increased vulnerability and risk. Yet that is the direction we’re going. Then, as nation states get involved and “malware that moves by itself” appears, the interconnectedness of the US demands new countermeasures.

WannaCry as a Weapons Test

WannaCry was likely a weapons test and it’s up to enterprises to secure their own systems against these new advanced attacks. Security teams need to be aware of these risks and plan accordingly.

Junaid recommends new policies and laws for people holding assets and encouraging the adoption of new, advanced countermeasures. Authenticated access including multifactor authentication should be required for critical systems.

“The writing is on the firewall” discussed two recent announcements from VMware and Verizon, which are likely responses to the state of security and more harbingers for the hardware-bound firewall and network access control vendors.

New Thinking, New Strategies, Secure Enclaves

While security pros spend more time addressing the process creep required to keep their firewalls and access control hardware up to date with the latest lists and updates, these new attacks are piercing high-profile defenses. New thinking around zero trust is morphing into strategies for establishing secure enclaves where access, lateral movement and even user behavior are trust-based in real time and granular, versus the “once you’re in, you’re all in” model that is common in traditional security infrastructure.

These are demands which traditional solutions weren’t architected to address. At the conclusion, Furrier asks Islam about efforts to establish a new US national security initiative. Junaid advises that as soon as an approach is taught, hackers will evolve to evade it. “We need to rethink how we share information on a worldwide basis.”

Stay tuned…

Responses

  1. Great article thanks, Greg! This is really a brilliant post and I appreciate it.

