Problem

The Problem

The cybersecurity industry is in an arms race with malware writers and attackers. Over 80% of malware now uses evasive techniques, and we are beginning to see Artificial Intelligence used in the creation of malware. A recent report on the malicious use of AI in creating malware forecasts a dramatic shift in the malware threat. AI-generated malware is faster and easier to create and includes new threats and techniques that are harder for human analysts to find. This AI-driven arms race demands that we, as defenders, stay ahead of the threat actors by using the latest AI and Deep Learning technologies to find these threats and protect our cyber infrastructure.

Advanced malware is difficult to catch because the current breed of automated malware analysis solutions cannot examine all dimensions of malware behavior. Other automated malware analysis solutions, commonly called sandbox-based solutions, detect malware only by monitoring the interaction of the malware with its external environment. They lack the deep introspection of manual reverse engineering. This results in several blind spots that malware writers exploit.

EVASIVE MALWARE

Most modern advanced malware exploits blind spots in other automated malware analysis solutions and avoids detection by altering and hiding its behavior while being monitored by such solutions. This is a fundamental threat to automated sandbox solutions, with more than 80% of modern malware being evasive in nature. Such evasive malware appears harmless during analysis but launches successful attacks on live systems.

ANTI-ANALYSIS MALWARE

Advanced malware hides from a variety of cybersecurity tools, such as anti-virus (AV) tools, endpoint tools, debuggers, and binary analyzers, making it hard to detect. Unfortunately, this anti-analysis behavior cannot be detected by most other cybersecurity tools, enabling such malware to escape detection.

THE RESULT: A HIGH NUMBER OF ALERTS

The lack of deep introspection means that other solutions classify a suspicious object primarily by its external behavior, resulting in a flood of false alerts and missed malware, since external behavior is insufficient to conclusively determine maliciousness in many cases.

TO AVOID DETECTION, MALWARE PROGRAMS USE...

SLEEPING OR HIDING
Doing useless work until the sandbox times out.

DETECTING USER INPUT
Detecting user input, which is often not present in a sandbox.

KNOWING WHEN TO ATTACK
Detecting the sandbox and launching no attack.

TARGETED ATTACKS
Launching targeted attacks only on intended victim computers, identified by e.g. their IP address or user names.

In all cases above, the evasive malware appears harmless in the sandbox but launches an attack on the endpoint.

AVERAGE MALWARE ALERTS

Only 4% of alerts are investigated.

$1.27M/year wasted per organization on examining inaccurate alerts.

Copyright © SecondWrite Inc.