Malware creators are getting smarter. Their attacks are becoming harder to detect, and a recent McAfee Labs & Intel whitepaper estimates that about 15% of malware uses sophisticated stealth techniques that allow them to remain hidden while simultaneously causing significant damage against enterprise targets. Stuxnet and the Zeus Crimeware Toolkit are powerful examples of how modern day criminals can use stealth techniques to steal data or target computing systems, and allow attackers to fully control operating systems and limit the risk of exposure.
Furthermore, many rootkits can self-heal and reinstall from a hiding place after a system has been cleaned, thus extending the time in which an attacker can control the compromised system. When faced with a compromised host that continues to leak data even after a system has been “cleaned,” it can become very costly for enterprises to perform complete reinstalls of their operating environments, or worse, replace the infected computers altogether.
Has your organization experienced a stealth attack or rootkit outbreak? How does your IT security team deal with these types of attacks? What is the impact and costs to remediate? We plan to discuss these questions and more during our next #SecChat – Thursday June 23rd at 11am PT.
McAfee and Intel are working to combine our knowledge in security, software and systems in order to stay ahead of smart malware attackers and stealth techniques. As an industry, we need to re-envision the way we think about maintaining enterprise security and better determine ways to detect and protect against stealth crimeware.
Be sure to join the conversation this Thursday, 11am PT on the @IntelSec_Biz Twitter feed – we look forward to hearing your thoughts on stealth crimeware.
To participate, follow #SecChat stream on search.twitter.com or your Twitter client, and engage by tagging your responses with the #SecChat hashtag.