Malware Poses Perilous Threat to Infrastructure And Business
By: Jim Stickley and Tina Davis
January 11, 2020
Businesses everywhere are vulnerable to unrelenting malware attacks. The discovery of a new malware aimed at U.S. industry signals that it’s time to buckle cybersecurity seat belts. The malware is called LookBack. It hadn't been seen before and it’s capable of taking down critical infrastructure like electricity, gas, and water processing plants.
It often enters a system via email phishing and contains a malware-laden attachment begging to be opened. To date, email phishing lures were sent to three U.S. utility companies, but were blocked before they entered those systems. It’s important to remember, it only takes one employee opening one infected attachment to take down any successful organization. This time the stakes are much higher, as LookBack can hinder the vital services we depend on daily to function.
Since LookBack malware had never been seen before this, researchers are unsure of how it may be used in the hands of hackers and what virus strains it may morph into. Although we know LookBack’s current capabilities, it has yet to be launched into attacks on businesses and consumers alike. Those companies who don’t invest in cyber-resilient systems and employee cyber education are flirting with paying a hefty price. Researchers believe LookBack is launched with highly targeted spear phishing lures. Spear phishing uses specific targeting, with emails addressed to the recipient by name and appearing to be from a trusted source like a co-worker or company vendor. Sometimes, it’s incredibly difficult to detect any irregularities in the message. However, once email attachments are opened, the LookBack Remote Access Trojan (RAT) is unleashed. Game over.
Businesses both large and small can take preventive steps to guard against LookBack and other Trojan malware. Starting from within begins with ongoing employee cybersecurity education. Keeping staff informed on the do’s and don’ts of email phishing and the way hacks can trend is a key component of cyber-resilience. Suring-up systems security by regularly backing up important data can keep a business from going under after a cyberattack. Malware, such as ransomware attacks keep critical data encrypted until a ransom is paid to restore it. This can be a significant issue if the systems are critical, such as those that would be in hospitals. Companies need to regularly test their data backup systems to ensure they work properly when needed. Limiting access to that data is vital to its security. Separating it from the system network adds a layer of protection in case the network is hacked, and keeping it off the internet whenever possible is yet another protective layer. In the face of known and unknown malware attacks like LookBack, cyber-resilient measures start with cyber-smart measures.