Sophos: Cyber Attacks Often Recycle Existing Malware And Hacker Techniques

Headline grabbing cyber attacks are often around hackers exploiting existing falws, evolving established techniques or simply recyclingn existing malware; cutting edge never-seen-before hacks are not nearly as common.

On Silicon’s stand at Infosecurity 2017, we were joined by Fraser Howard, principle threat researcher at Sophos Labs, to discuss his perspective of the threat landscape and what the next big cyber attack vectors could be.

Recycling code

Throughout Infosecurity 2017, there was plenty of discussion around hackers recycling existing malware and tweaking it for their own specific nefarious needs, rather than building new weaponised code from scratch. This is something Howard has also observed.

“We see certain families [of malware], like QakBot for example, these are families that have a certain degree of investment by the hackers; there’s a code base, there’s a group that are continually developing and enhancing that code base, maybe there’re a spin-off groups that then take on that code base and take it further. And so we quite often see threat families that may be around for three, four, five or even more years,”

But Howard also pointed out that hackers were not just recycling code but also hacking techniques building upon them to create evolved cyber attacks.

Given the profile of the attack Howard also discussed WannaCry with us, pointing out the challenges behind protecting legacy software; his solution to the problem is to work hard on bolstering firewalls and finding ways to protect attack from reaching machines running old software.

This is something fellow cyber security firm Trend Micro suggests, though it would appear to be easily said than done.

For the full interview check out the video above.

There was plenty more going on at the Silicon stand, including a discussion with, Darktrace on IoT insider security threats, and insight from Symantec on IT integration and security.

Quiz: Are you a security pro?