The Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) worked together to create an advisory alerting the public to the top malware strains in 2021. Apart from including incredibly helpful summaries of each strain, the report also gives an insight into the state of cybersecurity. Here are three things we found as we read this advisory:
1. We know what to do and why.
Out of the eleven strains of malware that were identified as the most common, ten are delivered via email, either solely or in conjunction with other methods. That’s not surprising (hello, phishing attacks) considering the rest of the literature, but it confirms that we already know where our trouble spots are. What is perhaps more surprising is that nine out of the eleven have been known about for a minimum of five years…some for as long as ten (specifically Qakbot and Ursnif). Not only do we know where our trouble spots are, we also know how we’re likely to get hit. As CISA and ACSC point out, it gives us time to prepare. We’d like to add that it also gives us a higher responsibility to prepare. Don’t just listen to cybersecurity recommendations—do them.
2. Flexibility and creativity will win out.
We can’t pretend it’s only negligence that causes data breaches. As the advisory points out, “updates made by malware developers, and reuse of code from these malware strains, contribute to the malware’s longevity and evolution into multiple variations.” Cybercriminals are creative, flexible, and entrepreneurial, using what works and evolving to fit specific needs. This creative and flexible mindset is essential, not only for cybercriminals but for cybersecurity professionals. The cyber landscape is one that either cybercriminals or cybersecurity professionals can control, not both. At the end of the day, whoever evolves quicker wins out.
3. Cybersecurity isn’t a ‘Lone Ranger’ activity.
This last one has less to do with malware strains and what they can tell us, and more to do with the importance of what CISA and ACSC have communicated. Throughout the entirety of the advisory, a wide variety of resources were referenced. The reality is that there is an embarrassment of riches when it comes to free resources, and there are cybersecurity professionals who believe in cybersecurity and safety more than they’re worried about anyone ‘horning in on their territory.’ The moment cybersecurity becomes a lone enterprise is the moment when creativity, flexible thinking, and security start breaking down.
If you haven’t had a chance to read the advisory for yourself, we strongly recommend it. It’s chock-full of helpful details, as well as a section of recommendations from CISA and ACSC on staying cybersecure. We enjoyed it, and likely, you will too!