If you were to Google the phrase “stealth virus” in 2020, chances are the first result would be about a stealthy virus we know as COVID-19. However, that is not the virus we’re talking about today…thankfully.
Instead, we are talking about another type of infecting virus. In this case, it’s a form of malware that has been built by cyberhackers to avoid detection by antivirus and antimalware programs and hide on your computer in stealth mode.
Believe it or not, stealth viruses have been infecting computers and their boot disks since before you ever heard “you’ve got mail”.
They can hide in real files, boot sectors, or other partitions without you or your computer system even knowing they’re there. This allows cyberattackers to take control of the infected machine.
What is a Stealth Virus?
Basically, a stealth virus pretends to be one of your good and normal computer files going about its work. Yet in reality, it’s a malicious attacker waiting to enact a hostile takeover when you’re not looking.
Like all forms of technology, malware has evolved and become more sophisticated over the years, using stealth techniques and becoming practically undetectable. This has led the way for the first zero-day attacks.
Most cybersecurity defenses depend on a database of known viruses stored as signatures. They compare these signatures against applications, files, and behaviors to defend your computer systems.
Understanding Zero-Day Attacks
A zero-day attack is an attack that does not have a known signature to compare against, so it bypasses whatever defense you have set up. According to WatchGuard Technologies, during the first quarter of 2020, 67 percent of malware was encrypted, delivered via HTTPS protocols. 72 percent of the encrypted malware was classified as zero-day.
VMware’s Carbon Black report, which maps out their attack data according to the MITRE ATT&CK™ Framework, states that defense evasion behaviors were observed in nine out of 10 samples of malware that they analyzed. This indicates that cybercriminals are being more stealthy in their hacking endeavors. This behavior is also seen in 95% of ransomware samples.
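To make the signature lookup and the zero-day gap described above concrete, here is an added example (not from the original article or from any vendor's product). It is a toy scanner that goes slightly beyond the text by using two kinds of signature, exact file hashes and byte patterns. All sample bytes and signature names are constructed for illustration.

```python
import hashlib

class SignatureDB:
    """Toy signature store: exact SHA-256 hashes plus byte-pattern signatures."""

    def __init__(self):
        self.hashes = {}    # sha256 hex digest -> signature name
        self.patterns = {}  # byte pattern -> signature name

    def add_hash(self, data: bytes, name: str) -> None:
        self.hashes[hashlib.sha256(data).hexdigest()] = name

    def add_pattern(self, pattern: bytes, name: str) -> None:
        self.patterns[pattern] = name

    def scan(self, data: bytes):
        """Return (match_type, signature_name), or None when nothing matches."""
        name = self.hashes.get(hashlib.sha256(data).hexdigest())
        if name:
            return ("hash", name)
        for pattern, pname in self.patterns.items():
            if pattern in data:
                return ("pattern", pname)
        return None

# Constructed, harmless byte strings standing in for files on disk.
MARKER = b"CONSTRUCTED-MARKER-01"
SAMPLES = {
    "known_sample": b"HDR-A|" + MARKER + b"|body-1",      # already catalogued
    "variant": b"HDR-B|" + MARKER + b"|body-2",           # same marker, different bytes
    "novel_sample": b"content no vendor has catalogued",  # no signature exists yet
    "benign_file": b"quarterly report, nothing unusual",
}

def build_report():
    """Scan every constructed sample against a small signature database."""
    db = SignatureDB()
    db.add_hash(SAMPLES["known_sample"], "Constructed.FamilyA")
    db.add_pattern(MARKER, "Constructed.FamilyA.marker")
    return {label: db.scan(data) for label, data in SAMPLES.items()}

if __name__ == "__main__":
    for label, verdict in build_report().items():
        print(f"{label:13} -> {verdict or 'no signature match'}")
```

The scanner returns the same "no match" result for the novel sample and the benign file: with signatures alone it cannot tell them apart.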
So what does this mean for real-life businesses? How can we put the threat of stealth viruses into perspective?
Well, one of the biggest ransomware attacks of 2020 was the Magellan Health data breach that we discuss in this article. This Fortune 500 company was a victim of ransomware specifically, as well as a secure data retrieval attack. This attack affected over 365,000 patients.
A class-action lawsuit has been filed against Magellan Health. It cites that information compromised in the breach includes:
- Contact information
- Employee ID numbers
- W-2 or 1099 information (such as Social Security numbers or taxpayer ID numbers)
- Treatment information
- Health insurance account information
- Member IDs
- Email addresses
- Phone numbers
- Physical addresses
—and other health-related details, per the complaint.
Could your business afford to be the victim of a stealth virus attack?
We stated at the beginning of this article that we were in fact NOT talking about COVID-19 when we mention stealth viruses. But the truth is, the pandemic has definitely fueled the increase in these stealth attacks because of the increase in telecommuting it has caused.
Many companies have a sole focus on connecting remote employees to their networks. Ultimately, other things fall by the wayside, and many shortcuts are used that may have created security holes in a corporate network, making the company vulnerable to attack. As a result, companies are now reviewing these deployments. They have also been called on to strengthen cybersecurity measures to ward off stealth attacks by cybercriminals.
Theoretically (according to PandaSecurity.com), if a stealth virus/zero-day attack is deployed via a social network with 2 billion users, it would take no more than five days to infect more than a billion devices.
So how can companies protect themselves and their customers from these stealth attacks?
For starters, by making sure you protect your critical data from the inside and outside. To do this, work with an IT company like CloudNexus Technologies to assess and mitigate your risk.