Polymorphic Malware: How to Protect Against This Rising Threat
What is Polymorphic Malware?
Polymorphic malware is a type of malware which constantly changes the features by which it is identified. This means that it can more easily evade detection.
Identifiable features that are often changed include file names, file types and encryption keys. Each change to these characteristics produces a new signature, so signature-based detection solutions will not recognise the file as malicious.
Even if the new signature is detected and added to your solutions’ database, this type of malware will continue to change signatures and carry out attacks without detection.
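The signature churn described above can be reproduced with an inert byte string. This is an added example, not code from the original article: the XOR repacking, the HashBlocklist class and the sample keys are assumptions chosen for illustration, and a SHA-256 lookup stands in for a vendor's signature database.

```python
import hashlib

# Constructed, inert stand-in for a file body. It is not real malware.
BODY = b"constructed-inert-sample-body"

def repack(body: bytes, key: int) -> bytes:
    """Model one variant: the same body stored under a different one-byte key."""
    return bytes([key]) + bytes(b ^ key for b in body)

def unpack(variant: bytes) -> bytes:
    """Recover the body, showing that only the stored form differs."""
    key = variant[0]
    return bytes(b ^ key for b in variant[1:])

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

class HashBlocklist:
    """Signature-based detection reduced to its core: an exact hash lookup."""
    def __init__(self):
        self.signatures = set()

    def add(self, sample: bytes) -> None:
        self.signatures.add(sha256(sample))

    def detects(self, sample: bytes) -> bool:
        return sha256(sample) in self.signatures

def simulate(keys):
    """Scan variants in order; every miss is added to the database afterwards."""
    blocklist = HashBlocklist()
    blocklist.add(repack(BODY, keys[0]))   # the first variant is already known
    results = []
    for key in keys:
        variant = repack(BODY, key)
        hit = blocklist.detects(variant)
        results.append(hit)
        if not hit:
            blocklist.add(variant)         # reactive update, one step behind
    return results, len(blocklist.signatures)

if __name__ == "__main__":
    hits, size = simulate([0x11, 0x22, 0x33, 0x22])
    print("detected per scan:", hits)      # only previously seen forms match
    print("signatures stored:", size)
```

Each new key is missed on first sight even though every variant unpacks to the same body, and the database only catches a form it has already been given.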
How Much of a Threat is Polymorphic Malware?
Additionally, Gartner estimates that enterprise infosec spend is 90% prevention and 10% detection. In this case, however, preventative controls have so far failed to stop malicious activity.
How to Protect Your Business From Polymorphic Malware
Keep software up to date; unpatched software leaves businesses vulnerable to attackers.
Do not click on suspicious links or attachments within emails.
Use strong passwords and remember to change them regularly.
Make use of malware detection solutions. At Arden, we recommend Sophos solutions to protect both your network and endpoints.