The structure of the cyber crime industry parallels that of legitimate tech businesses more closely than one might think. As cloud computing has become commonplace for businesses of all sizes and industries, you may have encountered terms like Infrastructure as a Service (IaaS), Software as a Service (SaaS), and Platform as a Service (PaaS). As these advancements occur on the legitimate side of the tech industry, cyber criminals don’t want to be left in the dust. So, how are they working to keep themselves relevant in the age of customization and personalized services? By offering Malware-as-a-Service, of course!
Emotet is not necessarily a new threat – it’s been around since 2014. But what was once classified as a simple banking Trojan has progressed and advanced to become a more formidable piece of malware – able to cause more damage, while also becoming more difficult to detect and prevent. Now Emotet is being marketed as Malware-as-a-Service (MaaS) because its primary function is to infect a system, then download, drop, or distribute any banking Trojan that the attacker decides they’d like to use.
What makes Emotet such a serious threat?
This particular piece of malware is polymorphic – meaning its code can change every time it’s downloaded, making it difficult to detect. In addition, Emotet is able to detect whether it’s running in a sandbox environment (a tool that checks that files behave as they should, and not like a virus, before they pass through to your network). The malware knows to lie dormant while in the sandbox, until it gets passed through the filter undetected. Otherwise, Emotet can brute-force its way onto computer systems, create backdoors, or generate spam messages in a compromised email account.
Even the U.S. Department of Homeland Security published an alert on Emotet in July of 2018, stating that “Emotet infections have cost SLTT (state, local, tribal, and territorial) governments up to $1 million per incident to remediate.”
This is why it’s so important to stay on top of updates and the latest security offerings. Here's what you can do to help protect your business:
- The latest anti-malware tools can come with AI and deep learning technology, increasing their ability to detect polymorphic malware.
- It’s important to ensure that there are no unsecured devices on your network. Identify and secure all currently unmanaged devices on your internal network – or create a separate network for them.
- Ensure that your security tools and applications remain up-to-date.
- And don’t forget about staff cyber security training. The number-one way Emotet has been spread is via email attachments. Teaching staff what red flags to look for in malicious emails can provide an immense security benefit for businesses.
When was the last time your business performed a security assessment on your network? Do you know where your vulnerabilities are and what you need to do to secure your network? Let us help! Contact us today to set up a time for our team to perform a comprehensive security assessment for your business.