A new spyware framework that allows the government to implant remote beacon and loader capabilities on target computers running Windows XP through Windows 10 has been disclosed in the latest data dump from WikiLeaks. Michael Patterson, CEO at Plixer, commented below.
Michael Patterson, CEO at Plixer:
“Efforts to thwart new malware strains have failed. Complete prevention in today’s massively complex world of IT is not possible. Instead of placing budget and effort solely in the name of prevention, organizations must focus their energy on establishing robust incident response processes and contingency plans for inevitable breaches. The new requirement is to focus on systems and personal skillsets which can be used to quickly remediate breaches. The variety of different attack vectors exposed, and attack surfaces involved, should also be a wake-up call to Boards of Directors that the security team’s task of providing security and reducing risk is overwhelming. Department stores can’t identify shoplifters until they are observed taking something with the intention of not paying for it. The same holds true for malware. It looks like ordinary traffic until suspicious patterns appear. Emerging solutions like network traffic analysis with behavior anomaly detection are key to identifying day zero attacks and then delivering the forensic data the security team needs to quickly mitigate and return to normal.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.