June 16, 2019
Let’s Have An Honest Discussion About Ransomware
Can you admire a disease? The most common answer would be "of course not". Malware is a disease that affects the computer, and a cyber disease can be viewed differently than an organic disease. A strain of virus may attack the body of a living entity, slowly crippling it until that entity expires. As malware is software, we look at the disease from a different perspective. Some malware is beautiful: its method is fluid, the encryption is masterful, and like most things you can tell the writer put a lot of work into it. What do we consider "masterful" malware? It's simple: if the disease sits in the computer and exhibits no visible symptoms, then that is not only beautiful but strategic. Your data is valuable. When a bad entity establishes persistence on your network, if they are effective they do not want to be found. The offending process that is doing the work of the disease should have a low footprint and not consume resources. Which now brings us to ransomware.
April 23, 2019
Malware and Behavior Analysis - Series Three
A Worm in My Garden
The words malware, virus, and worm are always used to describe some form of cyber malfeasance. Before we go into the analysis of the worm discussed in this article, let us bring some clarity to the lexicon.
April 2, 2019
Malware and Behavior Analysis - Series Two
The Rat Likes to Gossip
Why do people attempt to infect a network? Why do people attempt to move data? Your information can be monetized. As most people are not aware of the insidious nature of those who lurk underground, they do not give much thought to their data and what can be done with it. If you lurk in the sub-layers of the internet or you are tasked with retrieving information from a target, you need a mechanism to deliver this information. Ransomware is a savage method to which there is no art, and it will bring you nothing. A Trojan is the order of the day.
November 9, 2018
Malware and Behavior Analysis - Series One
When an event occurs, most people and companies usually catch the effects of the event at the tail end. The point of discovery now becomes forensics because the damage is done. Our corpse that was riddled with disease is mutilated, violated, and ready to be incinerated. Not only does this apply to malware, where most only discover the effects when the damage is done, but it also applies to behavioral analysis: a person is only aware of data theft when the consequences of the deed have become apparent to the organization.