Cyber Security

How to build an effective cyber defence against polymorphic malware

QA Cyber Security Trainer, James Aguilan, lists three key areas where security efforts should be focussed to counter polymorphic malware.

Polymorphic malware is an increasingly prevalent cyber threat which simply cannot be countered by traditional signature-based security measures. Instead, strategic investment in behavioural-based security measures, combined with employee education and regular software updates, can be used to create a robust, multi-layered approach that's far more effective in today's cyber security climate. Below are three key areas where security efforts should be focussed:


  1. Consistent cyber security training

    A large number of successful cyber-attacks start with an employee unwittingly clicking on a phishing email or malicious file attachment. Consistent employee training helps educate employee on tell-tale signs of attempted attacks, which in turn can significantly reduce the number of breaches that allow polymorphic malware in to begin with.

  2. Invest in behaviour-based detection tools

    Polymorphic malware is specifically designed to evade detection by traditional antivirus tools. As such, investments in this area can be largely futile and a waste of money. Instead, organisations should focus on more advanced, behaviour-based detection techniques. These methods offer the ability to track the way data is accessed and used by employees over time, with any suspicious activity automatically flagged. Behaviour-based solutions, like endpoint detection and response or advanced threat protection, can also pinpoint threats in real time before any data is compromised.

  3. Ensure software is always kept up to date

    Perhaps the most straightforward way of improving security against malware is ensuring that software and applications used within the organisation are always kept up to date. Major software vendors, such as Microsoft, Apple and Oracle, regularly issue crucial security patches for new vulnerabilities discovered within their software. Failure to install these promptly creates breach windows that are open to exploitation from anyone with knowledge of the vulnerabilities. Despite this, it can often be days, weeks or even months before these patches are installed, creating unnecessary risk. All organisations, no matter how big or small, must adopt a 'patch early, patch often' mantra.

Related Articles