Shah Sheikh, Co-Founder and Sr. Security Consultant at DTS Solution, recently presented for ISACA UAE as part of their CPE events in Dubai. Titled "Deep Dive on Evasive Malware", the session was interactive, and there were plenty of thought-leadership discussions on how organizations can better equip and prepare themselves for advanced malware intrusions. "The number of advanced evasive malware targeting organizations has increased significantly over the last few years in the Middle East. At DTS we often act as the 'first responder' for cyber security incidents and breaches, and what we have noticed is an increase in the number of evasive malware that is not only sophisticated in an attempt to bypass traditional security controls but also very difficult to detect and remediate," Shah Sheikh mentioned.
"We have seen individuals targeted through social engineering that work for a particular organization; the individual would typically receive a phishing email with a malicious file or link, which once clicked on would perform a silent install of a malicious binary, infecting that machine. That infected machine would then be part of a botnet executing remote commands and instructions based on the command and control servers, such as capturing screenshots and keystrokes. The botnet within the infected machine would then siphon data out to remote servers where attackers can gather intelligence about the organization. To make matters worse, we have seen the cyber criminals then send spoofed emails to the finance team requesting them to perform an authorized transaction." As we can see, the people higher up the hierarchy in the organization are the best targets for any cyber criminal.
The presentation covered the following subjects in detail:
- Introduction to Malware
- Malware across the Industry Verticals
- Point of Sale Malware
- Carbanak Malware
- ATM Malware
- Citadel Malware
- Ransomware – CryptoLocker
- TorRAT Malware
- Malware Analysis and Immunization Techniques