Posted: 29th November 2022
One of the first documented cyber threats was in 1971, when a virus called Creeper was developed. It took six months for a successful antivirus programme to be written to tackle the threat, which also made it the first documented lag between threat and defence.
Although not as slow, traditional antivirus software still works the same way today: when new cyber threats are released, antivirus defences are updated. It’s a reactive cycle, not a proactive response.
Getting ahead of cyber crime is a challenge. When new defences are developed, it only triggers cyber criminals to go one better. Malware is no longer developed to just exploit vulnerabilities but to outwit antivirus defences.
Here are 5 cyber threats that could outwit your defences.
#1. Polymorphic Malware
Many traditional antivirus programmes use signature-based detection. This means a programme must discover a new cyber threat before it can protect against it. When the programme detects malware, it adds the malware's characteristics (known as its signature) to a threat list. This results in frequent updates for the owners and users of the AV programme, and a time gap in protection between each new threat and the update that covers it.
Around 350,000 new variants of malware are created daily.
But when it comes to polymorphic malware, there’s a bigger problem. This type of malware is designed to regenerate its signature on detection, making it almost impossible to stop with traditional antivirus software.
#2. Weaponised Documents
This cyber threat uses different document formats to compromise systems. Cyber criminals hide malicious code within the document’s embedded scripts. As traditional antivirus software only scans documents and not their embedded content, the attack can slip by undetected. Once the document is opened, the malware is launched and can run in the background without the user’s knowledge.
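As an added illustration (not from the original post or any vendor's product), the sketch below inspects the embedded parts of an Office Open XML document, which is the kind of embedded-content check described above. The part names it looks for and the two sample files are assumptions constructed for the example.

```python
import io
import zipfile

# Part-name fragments that indicate active content inside an OOXML container
# (.docx/.docm/.xlsm/.pptm files are ZIP archives of XML and binary parts).
ACTIVE_PARTS = {
    "vbaproject.bin": "VBA macro project",
    "/embeddings/": "embedded OLE object",
    "/activex/": "ActiveX control",
}
MACRO_MARKER = b"macroEnabled"  # found in [Content_Types].xml of macro-enabled files


def find_active_content(data: bytes) -> list[tuple[str, str]]:
    """Return (part name, reason) pairs for active content in an OOXML file."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return []  # not OOXML; legacy .doc, RTF or PDF need their own parsers
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = zf.namelist()
        for name in names:
            path = "/" + name.lower()
            for fragment, reason in ACTIVE_PARTS.items():
                if fragment in path:
                    findings.append((name, reason))
        if "[Content_Types].xml" in names:
            if MACRO_MARKER in zf.read("[Content_Types].xml"):
                findings.append(("[Content_Types].xml", "declared macro-enabled"))
    return findings


def build_sample(parts: dict[str, bytes]) -> bytes:
    """Build a constructed in-memory container from {part name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in parts.items():
            zf.writestr(name, body)
    return buf.getvalue()


# Constructed samples: placeholder bytes only, no real macro code.
CLEAN = build_sample({"[Content_Types].xml": b"<Types/>",
                      "word/document.xml": b"<w:document/>"})
MACRO = build_sample({"[Content_Types].xml": b"<Types><Override ContentType="
                      b"'application/vnd.ms-word.document.macroEnabled.main+xml'/></Types>",
                      "word/document.xml": b"<w:document/>",
                      "word/vbaProject.bin": b"PLACEHOLDER"})

if __name__ == "__main__":
    for label, sample in (("clean", CLEAN), ("macro", MACRO)):
        print(label, find_active_content(sample))
```

A hit here means the document carries active content and deserves closer inspection or blocking at the mail gateway; it does not by itself mean the content is malicious.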
#3. Drive-by Downloads
This cyber threat delivers malware to users by exploiting vulnerabilities in browsers and browser plug-ins. The download can come from a legitimate website that has been compromised, ad services, or a malicious website set up with specific intent. Whatever the method, because the malware is transported via your browser, it goes undetected by traditional antivirus software.
#4. Fileless Attacks
Most antivirus software relies on file inspection to detect cyber threats. Remove the file and the malicious activity slips under the radar.
Like many cyber threats, these attacks often use social engineering techniques and phishing emails. Once access is gained, the objective of a fileless attack is to travel between devices gathering valuable data along the way.
Fileless attacks are 10 times more successful than file-based attacks.
#5. Obfuscated Malware
As part of their drive to get ahead of cyber threats, antivirus developers will often use sandbox environments to execute malicious software and examine its behaviour. But cyber criminals have developed their own defences.
Some of the latest malware will recognise when it is in a sandbox environment and fall silent. It will only ever activate an attack in a live setting. This makes it impossible for antivirus programmes to detect its signature in a test setting.
Stay on top of cyber threats
The world of cybercrime develops fast. And the new reality of homeworking is making it harder for businesses to protect devices and their network.
A survey found that 20% of workers had not received any IT advice or cyber security training before moving from the office to homeworking.
When it comes to cyber security, we have a proactive approach. We monitor your systems daily and include regular cyber security audits as standard. Our audits are based on the Cyber Essentials 5 key controls, so you can be confident you’re staying ahead of the game.
What’s more, we offer all clients and their team members content-rich cyber security training that’s relevant to them and their industry.
To find out more, drop us a line – we’re waiting to share our expertise with you.