Sisyphus* had it rough, but credit union CISOs may have it worse

However, protecting environments from malware just got easier.

Every year organizations everywhere, including credit unions and the world’s most sophisticated companies, increase their investments in the best firewalls, industry leading antivirus software, strong cybersecurity education programs, and top cyber talent, all to create robust defense policies and monitor their infrastructures. Yet these companies constantly experience intrusion events attributed to malware that compromise their reputations and threaten their business models. How is this possible?

The Blind Spot

All day, every day, credit union and other IT security teams are working to plug holes, prevent intrusions, monitor applications and systems, find and deploy the latest and greatest tools to help them, all in an effort to prevent cyberthefts; but, even with all of this effort, “53% of IT security leaders don’t know if cybersecurity tools are working, despite an average of $18.4 million annual spend,” Business Wire (July 30, 2019).  Why don’t they know?

Every car has a blind spot — an area where visibility is compromised. Security solutions have blind spots too. Maybe your blind spot prevents you from seeing hard-to-find threats or detecting compliance issues down the road. Wherever they exist, blind spots compromise your security team’s ability to identify, protect against and respond to threats in a timely manner.

And, when it comes to IT security blind spots, the security industry has created and nurtured a huge one. The security industry has practically given up on stopping malware attacks (especially the fast-growing malware attacks driven by the creation of dynamic code, visible only inside an application) and has, instead, focused on detection and restoration rather than prevention.

Since AV (“anti-virus”) products are blind to how these attacks hide themselves in applications, the attacks simply need to change their behavior just enough not to be caught by AV products that look only at the after-the-fact execution artifacts of these attacks. And, of course, there are an infinite number of ways attackers can do that all the time. But, by surrendering to the inevitability of these attacks, IT security teams have created a “Sisyphean environment” where they find themselves always at work, never at rest, and never fully finishing the job of protecting their environment.

How does malware get into your credit union’s system?

Malware makes its way into your systems via many paths, including:

  • Through unpatched, unknown (0-day) or known but unpatchable flaws.
  • Through a benign-appearing executable run on the system.
  • Through social engineering means.
  • Through hidden backdoors and attacks on the software supply chain.

And because we too often lack the visibility to see it and the ability to curtail it, the most malicious malware can find a home in your system, hide from any and all work you do to discover it, then launch and do its damage for far too long before you can act to curtail it.

Malware attacks via your programs’ memory are your worst “nightmare”

In 2019, according to an IBM-sponsored study, it still takes 206 days for security teams to find their most advanced threats — and another 73 days to remove those threats from the network. Wow!

Financial sector performance regarding identifying and containing a data breach is better than any other industry sector studied by IBM (Ponemon Institute, “2019 Cost of a Data Breach Study,” IBM.com). However, the average numbers of days to identify and contain a data breach in the financial industry were 177 and 56, respectively. It took, on average, 233 days to find and contain the damage from a data breach. Nearly eight (8) months!

The fastest growing form of attack sits in your blind spot.

The new malware doing much of this damage is written to attack your program’s memory using dynamic code generation techniques, and existing AV products are not able to stop these attacks, unless this exact malware behavior has been previously experienced, logged, and can be recognized.

Because current AV providers, both traditional and next generation, rely heavily on signatures and previous malware behaviors, fraudsters know how to bypass them or how to change the behavior of their malware.  And because AV providers aren’t able to do more, credit unions’ IT security teams are left to test, monitor, plug holes when found, and more, all part of their Sisyphean efforts to protect, as best they can, the environment they manage. But, absent a “real solution” to this new form of attack, no amount of effort will suffice.

If AV products can’t protect my credit union, how can I prevent these malware attacks?

So, if ALL antivirus products suffer from this catastrophic protection gap that has been deemed impossible to close, what do you do?  If ALL antivirus products have no effective real-time active protection for the new class of dynamic memory malware attacks, do you have any other options?

There’s a new sheriff in town.

Fortunately, there is a company that has brought to market the only product I have come across that is explicitly designed to STOP this rapidly growing class of malware attacks. They say it wasn’t easy to do.  Turns out it took a lot of work to solve the problem. But, because a program’s memory is currently the largest vulnerability that AV companies have not yet been able to protect in real-time with their existing AV offerings, the problem HAD TO BE SOLVED! SO HOW DID THEY DO IT?

They focused on stopping malware attacks driven by dynamic code execution.

Creation of dynamic code is only visible from inside an application. This patent pending solution operates inside EVERY Windows application and monitors all software, including browsers and company proprietary applications (with other OS’s coming soon).

Because many legitimate applications create dynamic code, they built a blueprint of legitimate dynamic code behavior(s) for every Windows application running in their customers’ environments. Their “solution monitor” constantly shields all applications and protects itself, as well, so it CAN NEVER BE TURNED OFF by any malware or be BYPASSED. It STOPS dynamic malware from executing in all applications in real-time, every time. So, if you want to move to eliminate your credit union’s “malicious dynamic code” BLIND SPOT, ask me how.

 

*Sisyphean. This term for a task that is endless and ineffective comes straight out of Greek myth. In Greek mythology Sisyphus was punished by being forced to roll an immense boulder up a hill only for it to roll down when it nears the top, repeating this action for eternity.

Greg Crandell

Greg Crandell provides strategy, market planning, business development, and management consulting to financial technology firms and their clients – Credit Unions and Banks. For more years than he wishes to admit, ... Web: queryconsultinggroup.com