LATEST INTELLIGENCE
ARTIFICIAL INTELLIGENCE: THE SMARTER APPROACH TO INFORMATION SECURITY
TRADITIONAL AV SOLUTIONS ARE NO MATCH FOR TODAY’S SOPHISTICATED ATTACKS.
Single-Use, Highly Targeted Malware
Part of the exponential growth of malware, and
the bulk of the attacks on various industries, can
be attributed to the continued rise in polymorphic
and single-use malware. There is a general
misconception that publicly available repositories
of malware signatures are a complete catalog of
in-the-wild malware.
This misguided perception is further elevated
by thin endpoint controls that rely on looking
up hashes or validating binaries against these
public sources to determine if a file is a threat.
But public repositories of signatures are by no
means comprehensive, complete, up-to-date, or
a reliable record of all the malware that could
impact an organization.
As a result, the most worrisome malware, from the
high-level commodity code to the ultra-sophisticated
targeted attacks, will never show up in repositories,
making them undetectable to traditional AV
solutions. Successful malicious campaigns often
remain hidden or dwell for months or even years
before components become known.
Even at that point, it is often only by a stroke of luck
that a file gets uploaded to a public repository, starting
the chain of events where it is picked up by other
analysts, pivoted upon, and exposed for what it is.
Malicious actors do not want their creations to
end up on public malware lists (or otherwise
in-the-wild) and frequently take steps to ensure that
does not occur. They often use single-use or
host/campaign-specific binaries to remain hidden. It
is also well known that attackers take steps to
complicate and inhibit analysis of their creations
if they are discovered.
INTELLIGENTCIO
www.intelligentcio.com