Malware Incident Prevention and Handling for Desktops and Laptops – NIST Malware Incident Prevention

NIST Malware Incident Prevention and Handling for Desktops and Laptops – Special Publication 800-83

Malware, also known as malicious code, refers to a program that is covertly inserted into another program with the intent to:

  • destroy data.
  • run destructive or intrusive programs.
  • compromise the confidentiality, integrity, or availability of the victim’s data, applications, or operating system.

Malware is the most common external threat to most hosts. It can cause widespread damage and disruption and necessitate extensive recovery efforts within most organizations.

Organizations also face similar threats from a few forms of non-malware threats that are often associated with malware. One of these forms that has become commonplace is phishing, which is using deceptive computer-based means to trick individuals into disclosing sensitive information.

“Malware threats may be a complex incident” says Douglas Bernardini, Cybersecurity Specialist & Cloud Computing Expert

This publication provides recommendations for improving an organization’s malware incident prevention measures. It also gives extensive recommendations for enhancing an organization’s existing incident response capability so that it is better prepared to handle malware incidents, particularly widespread ones.

This revision of the publication, Revision 1, updates material throughout the publication to reflect the changes in threats and incidents. Unlike most malware threats several years ago, which tended to be fast-spreading and easy to notice, many of today’s malware threats are more stealthy, specifically designed to quietly, slowly spread to other hosts, gathering information over extended periods of time and eventually leading to exfiltration of sensitive data and other negative impacts.

See the full document here:

NIST Malware Incident Prevention Special Publication 800-83


SonicWall Knows MSSPs, MSPs Are Targets

SonicWall is particularly attuned to the threat ransomware poses to a whole host of organizations, including MSSPs and managed service providers (MSPs), SonicWall president and chief executive Bill Conner said. “As we see it, ransomware is on a nearly unimaginable upward trend, which poses a major risk to businesses, service providers, governments and everyday citizens,” he said. “The real-world damage caused by these attacks is beyond anecdotal at this point.”

SonicWall released its findings following a mid-October White House virtual conference of 30 nations. The goal was to hammer out strategies to combat ransomware and other types of cyber crime. At the summit, Australia, Britain, Germany and India led panel discussions, with attendees also from Eastern Europe, the Middle East and Latin America. Russia and China, universally considered the primary perpetrators of most cyber offensives, were not invited to the meeting.

“It is one of the biggest threats in cybersecurity today” says Douglas Bernardini, Cybersecurity Specialist & Cloud Computing Expert

Of note, SonicWall also discovered 307,516 previously unknown malware variants through September 2021, a 73 percent spike from last year. The Milpitas, California-based security specialist said its researchers found more than 1,100 novel variants per day.

“The risk of ransomware infection is increasing, and tools like SonicWall are invaluable allies,” says Douglas Bernardini, Cyber Security Specialist and Cloud Computing Expert.

Here are some additional SonicWall ransomware findings:

  • In June 2021, a new high-water mark of 78.4 million ransomware attacks was recorded.
  • SonicWall logged the equivalent of 9.7 ransomware attempts per customer each business day.
  • The 190.4 million ransomware attempts in Q3, 2021 alone made it the highest quarter ever recorded by SonicWall, nearly overtaking the 195.7 million total ransomware attempts logged during the first three quarters of 2020.
  • The U.S. has incurred a 127 percent year-to-date increase in the number of ransomware attacks while the U.K. has seen a 233 percent surge.
  • Internet of Things malware incidents rose 33 percent globally.
  • An overall 21 percent increase in crypto-jacking with a 461 percent balloon across Europe.

See also: SonicWall cyber report 2021

Source: MSSP Alert