What is polymorphic ransomware?

Polymorphic Malware: How to Protect Against This Rising Threat

Recent cybersecurity trends have shown a rise in a new threat, known as Polymorphic Malware.

Now more than ever, each attack is unique to the individual victim. This means that they are harder for traditional endpoint security systems to protect against.

What is Polymorphic Malware?

Polymorphic malware is a type of malware which constantly changes the features by which it is identified. This means that it can more easily evade detection.

Identifiable features that are often changed are file names and types or encryption keys. By changing characteristics, a new signature is generated, meaning that signature-based detection solutions will not recognise the file as malicious.

Even if the new signature is detected and added to your solutions’ database, this type of malware will continue to change signatures and carry out attacks without detection.

How Much of a Threat is Polymorphic Malware?

Webroot researchers have found that 97% of malware infections employ polymorphic techniques. Some high profile examples include the ‘Storm Worm Email’ and ‘CryptoWall Ransomware’.

Additionally,  Gartner estimates that enterprise infosec spend is 90% prevention and 10% detection. However, thus far, in this case, preventative controls are failing to stop malicious activity.

How to Protect Your Business From Polymorphic Malware

Keep software up to date; unpatched software leaves businesses vulnerable to attackers.

Do not click on suspicious links or attachments within emails.

Use strong passwords and remember to change them regularly

Make use of malware detection solutions. At Arden, we recommend Sophos solutions to protect both your network and endpoints.

Discover More: