Malware attacks are rampant and keep growing day by day. Previously, file-less malware was spreading around.
What are the makings of stegware, a.k.a. steganography malware?
Steganography comes from the Greek words “steganos”, meaning “covered”, and “graphein”, meaning “writing”. The method of passing hidden messages around has been around for ages. This malware works the same way: it conceals the infected file, message, image, or video within another of the same type, for nefarious intent.
Why is it on the rise?
Typical malware has signatures or patterns that scanners look for. However, this malware is effective since it is almost undetectable. Recently, a former GE engineer was indicted for encrypting files containing GE’s proprietary information in a photo of a sunset. He then allegedly emailed it to his personal mailbox with the subject, “nice view to keep”. The indictment stated that it was “uncommon even among trained computer experts, and both GE Digital analysts and FBI agents specializing in cyber crimes.”
Just like in the movies, the malware is hidden in a picture file, which makes it inconspicuous compared to exe files, which always raise an alarm, or jumbled-up text files. Once these files are put as attachments to popular, I am pretty sure they will be really hard to spot. Not far from reality, Facebook has recently been accused of embedding tracking information in photos on it. It has been said that this can be quite easy to implement with a variety of encryption methods.
As of now, antivirus software companies are still trying to develop ways of improving stegware detection, but this work is still in its inceptive stage. Watch out for the red flags that its workflow mechanisms raise.
To begin with, encryption is the most essential part. The GE case involved encrypting 400 files using software not issued by the company. It is better to prohibit the download of software not white-listed by the company or organization.
The second aspect to watch out for is how the files are transferred. If social media access is allowed, make sure to use the browser sandboxing feature. You could also restrict the transfer of data from work devices/emails to personal devices/emails. Watch out for high-payload transfers as well.
A computer or network needs security software such as antivirus and anti-malware tools. Make sure to keep them up to date. Employees should be made aware of the dangers of downloading unapproved software and accepting files with untrusted electronic signatures.
Implementing a safety net for the way you access your valuable data is essential to ensure business continuity. This will enable easier data recovery while limiting damage.
Last but not least, have a backup and other redundancy. A reliable backup and recovery solution will definitely ease the stress and anxiety of data loss.