Story image

How technical research can help businesses stay secure

02 Apr 2019

As cybercrime and malware attacks become more prevalent and dangerous, it’s important to understand the role research and study have in combatting cybercrime developments and protecting organisations against growing threats. High-quality malware research is necessary to keep cybercrime at bay, according to ESET. 

Malware’s effect on large organisations and even governments are becoming more pronounced, as evidenced by February’s large-scale cyber attack affecting all three major political parties.

It’s increasingly important for public and private-sector organisations to realistically address their cybersecurity vulnerabilities. More and more, responsible cybersecurity practice requires organisations to be accountable and open, setting a positive culture in cybercrime awareness and discussion. 

ESET senior malware researcher Robert Lipovsky says, “More organisations should reveal their experiences with cybercrime, rather than try to cover them up, to foster a greater culture of awareness and understanding, because we’re all in this together. 

“Greater awareness of cybersecurity risks relies on in-depth malware research. ESET researchers’ investigations into large-scale malware and ransomware events, including BlackEnergy, and NotPetya; the most damaging cyber attack in history, has been critical in understanding and predicting cybercriminals’ movements, targets and intentions.” 

“Comprehensive research into malware like BlackEnergy has also helped cybersecurity experts identify successor threats. For example, GreyEnergy was named in a streak of energy company attacks across Europe late last year. Existing research is critical in mitigating risks as they occur and in preventing further malware development.” 

Increasingly, researchers are employing machine learning (ML) to analyse detected malware and develop security systems capable of matching sophisticated cybercrime. Although a critical predictive and defensive tool, many cybercriminals also use ML to create malware specifically designed to outsmart existing security suites and features. 

Lipovsky continues, “Many security researchers expect a cat-and-mouse game between the good guys and the bad guys to continue. While both sides are armed with access to ML technology and highly skilled professionals, the competition between cybersecurity professionals and cybercriminals will most likely be long-term and ongoing. 

“What’s set to distinguish these competing forces is a dedication to research, malware tracking and analysis, and malware education, which continues to strengthen quality security developments in niche and relevant ways and catch the next strains of malware.” 
“Research helps security professionals learn how malware criminals operate, and what they might do next.” 

Cyber attacks affecting governments and organisations are becoming stronger and harder to detect, as malware developers design infections that blend into the background. 

Quality malware research is a strong differentiator between cybersecurity professionals and cybercriminals, and, with the right public dialogue around cyber attacks, can help organisations get ahead of attackers. 

Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
WatchGuard announces A/NZ partners awards
Four Australian companies were named partner award winners at the WatchGuard conference in Vietnam.
Telstra’s 2019 cybersecurity report
Cybersecurity remains a top business priority as the estimated number of undetected security breaches grows.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Why cybersecurity remains a top business priority
One in two Australian businesses estimated that they will receive fines for being in breach of new legislation.