ACE and Chubb are now one.
 
 
ACE has aquired Chubb, creating a global insurance leader
that will operate under the renowned Chubb name.
Learn More Not Now
print   email   Share

New Malware Families Identified: Do You Have A Multi-Level Defense Plan?

The U.S. Department of Homeland Security (DHS) recently issued an alert from its National Cybersecurity and Communications Integration Center (NCCIC). The alert detailed particularly sophisticated malware attacks that are targeting several industries, including energy, manufacturing, health care, and public health sectors.

These attacks utilize several variants and families of a malware that mimics legitimate monitoring tools, making them difficult to detect. Organizations that do not employ appropriate defenses will find that cybercriminals can achieve full network and data access.

One malware variant, REDLEAVES, can send system information back to the hacker's server. PLUGX is another variant that takes screenshots and retrieves files, then sends the data using encoded communication to disguise the activity.

Officials at NCCIC strongly encourage organizations to establish "multiple defensive techniques and programs…to provide a complex barrier to entry, increase the likelihood of detection, and decrease the likelihood of a successful compromise." Jessica Davis "Feds warn of new, highly sophisticated malware campaign," healthcareitnews.com (May 8, 2017).


Commentary

It is important for organizations to establish a plan that includes prevention strategies, technological defenses, and recovery procedures.

Prevention strategies rely heavily on user behaviors. Ongoing training for all employees should emphasize keeping software current, creating strong passwords, prudent use of the Internet, and caution when opening email attachments and links.

Keep communication between IT staff and users open so that IT staff can provide users with current threat updates, and so users can alert IT staff to network problems.

Installing technical security tools is another important aspect of system security. Cybersecurity firms are creating new and innovative software that can detect and block many malware variants. These steps, together with a detailed plan for managing a malware attack if it occurs, will help provide the multi-level defense recommended by cybersecurity experts.

Finally, your opinion is important to us. Please complete the opinion survey:

Login

Log-in to access Training Modules, Article Archives, Model Policies and more!

Latest Numbers

Unemployment Rate

4.3% in Jul 2017

Payroll Employment

+209,000(p) in Jul 2017

Average Hourly Earnings

+$0.09(p) in Jul 2017

Employment Cost Index (ECI)

+0.5% in 2nd Qtr of 2017

Productivity

+0.9% in 2nd Qtr of 2017

Source: Department of Labor

Chubb Offers for Employment Practices Liability (EPL) Insured:

Loss Prevention Reimbursement Credit

HR Acuity On-Demand

Best Practice Minute

Available presentations

What's New

New Malware Families Identified: Why A Multi-Level Defense Is Important

DHS officials warn organizations about a malware family that is targeting multiple industries. Read about this risk and some best practices for malware defense. Read More

In a Competitive Recruiting Environment, Many Employers Offer More Benefits

A survey shows most organizations now offer health care for spouses, flexible work time, and other employee benefits. We examine the risk. Read More

Traveling? Why You Should Avoid Public Wi-Fi

A new survey finds we use our mobile devices despite of, and disregarding, the security risks. Here, we examine the risk public Wi-Fi presents travelers. Read More