Alexis is a cyber security researcher and Security Intelligence Team Lead at ESET. You can find out more about his views on the future of malware and its effects on businesses in the first part of our interview.
1) What is your opinion on the rise of crypto mining? Some believe it will replace ransomware as the biggest malware threat to both businesses and consumers. Another danger is that it can be used in tandem with other types of malware, such as ransomware. Could this be one of the biggest dangers we face?
Crypto mining wasn’t in our vocabulary three or four years ago, and the rise of crypto miners directly correlates with the rise of value in cryptocurrencies. It’s becoming more popular as ransomware decreases in popularity, probably because the return on investment is higher in crypto mining. If a computer is infected with crypto mining malware, the consequences are less severe than ransomware and more of an annoyance. However, the real danger from a victim perspective is that once crypto mining malware is installed the attacker can install anything else with ease, including ransomware or other harmful malware.
2) A further threat that is attracting increasing attention is file-less malware. How do you expect to see this type of threat develop?
File-less malware is a relatively new threat that has increased in popularity over the last few years. It’s one of the tricks that attackers use to evade protection and slow down the incident response process, which is a process by which defenders will try to reconstruct how the attack took place and try to identify all the attack components. File-less malware will typically never land on a disk so it’s hard to recover the actual malware after the attack took place. It’s a clever trick but security products are adapting to this type of malware fairly quickly. As an example, ESET has a module called the advanced memory scanner that’s built specifically to scan parts of memory and look for malicious code.
3) What challenges do businesses face when considering the advent of the Internet of Things? Mozilla has predicted that as many as 30 billion devices will come online by 2020 and many have pointed to the challenges that businesses face in regards to BYOD policies.
It’s true that everything is connected nowadays and we can’t escape that the number of connected devices will continue to grow. From a business perspective, I think the first step is to recognise that these connected devices are typically less secure than traditional IT equipment. They usually benefit from a very low level of support from the manufacturers in terms of security fixes, compared to traditional software that we are used to operating such as computer browsers. Secondly, one of the most important things businesses need to do is isolate their corporate networks from personal devices employees bring to work themselves, often known as Bring Your Own Device (BYOD). They must assume that these devices will be compromised and they must be excluded from accessing the corporate network. Something that can be harder to do but is a really useful resource is to make an inventory of all BYODs and to deploy security updates in order to keep those devices as secure as possible.
4) How do you believe Artificial Intelligence and Machine Learning will affect the cybersecurity industry in the future?
AI has been changing things for several years now, and we have more data and malicious malware samples than we’ve ever had before. As the quantity of data we have from a defence perspective is huge, machine learning is helping us identify trends and identify outliers, suspicious behaviours and files. But machinery has its limits, and we don’t think AI can replace the expert knowledge that humans have. AI and Machine Learning is a useful tool, but it’s still one tool among many others.