The term war often conjures up images of a front line, a battlefield, and the potential for injury or death. The type of war we are talking about, however, is not found in some foreign land or some far-off place, but rather in your business, home, or office. Cyberwar is nothing new, but the threats that emerge each year are. Today, we plan to examine the Top Cyber Threat of 2022 as revealed by Cisco Talos, one of the largest commercial threat intelligence teams in the world. This elite group of security experts is devoted to studying threats as well as providing superior protection to customers through Cisco products and comprehensive services. According to the Cisco Talos Incident Response (CTIR) Q2 report, “ransomware was unseated from the top perch for the first time in more than a year. The latest contender for the top spot in the cyber threat world? Commodity malware — that is, untargeted threats directed at a wide swath of users, often via free downloads off emails.”
What Is Commodity Malware?
For the past few months (and even years), we have been reporting on the high and increasing rate of ransomware impacting small and large businesses alike. According to Cisco, ransomware incidents have dropped from 25 percent to 15 percent. That large decline should be seen as good news, but alas, there is always some new and more nefarious method for cyber criminals to access the information they desire. The bad news is that commodity malware is on the rise. It makes up 20 percent of all engagements CTIR investigated in Q2.
What Exactly Is This Rising Star in the Cyber Threat World?
As a broad definition, commodity malware is malware that is widely available for purchase or free download, is not customized, and is used by a wide range of threat actors. Those actors could include malicious hackers, organized crime, insiders (including system administrators and developers), terrorists, and nation-states. Commodity attacks are often carried out by attackers who either don’t have the skills to perform more advanced attacks or who prefer to run many easy attacks and still profit at a low success rate, rather than spend a lot of time customizing a small number of more profitable attacks against specific targets.
Preventative Steps to Avoid Commodity Malware Incidents
Commodity threats can cost businesses time, money, and productivity. Every case requires review by somebody in your IT department. Spending time getting a laptop back online so an employee can get back to work also takes energy and manpower that could be spent on bigger and better things. Here are a few suggestions to deny your attacker easy access.
Consider what your access controls are. Limit normal users’ execution permissions and enforce the principle of least privilege.
Ensure that an appropriate password policy is in place.
Keep employees updated on the latest phishing schemes.
Establish a network perimeter including a strong firewall that can block access from malicious domains.
Maintain a patch management system that keeps software and security controls on their latest versions.
For more information about cyber threats that could impact your organization, continue to follow our blog and visit our website.