Threat profile of Malware

Question: Discuss about the Threat profile of Malware. Answer: Introduction According to Soltani et al. (2014), the malwares are malicious softwares that are aimed to steal data or to get control over the infected system. The malware attacks are mainly done on the financial institutions to get the financial data. This report focuses on the malware attacks on the largest banks of the Australia (like the Commonwealth bank, Westpac and national Australia bank), mitigation techniques and the adequacy of those mitigation techniques. Name of the Threat The threat is a malware that attacked the apps of the different Australian banks to steal the customers credentials like the personal as well as the financial details. Systems that are affected by the Malwares In this scenario, the apps of the different banks are infected by the malware. This malware imposed a fake login screen to get the username and the passwords of the users. Therefore the devices used by the users are affected by the attack. Different types of malwares are available; some of them are given in the following table, Figure 1: Steps in Malware attacks (Source: Pk, 2015, pp-56) Steps in the Attack There are six steps in the malware attacks, which are Reconnaissance: In this step, the attacker identified the different flaws or vulnerabilities of the targeted systems of the different apps of the banks (Shabtai et al., 2012). Assembly: In this step attacker tries to obtain or customize the available malwares to infect the customers device and apps of the banks. Delivery: Propagation of the malwares is done in this phase. The users do not get the infected file from Google play; instead the users are forced to download it from the fake websites or using links. Compromise: The targeted system gets infected by the Malwares. Command: Capabilities of the malwares are unleashed in this step. The hacker gets the information about the login details of the customer. Mitigation Strategies (Reflection) In this case the malware was disguised under the different apps of the banks. Therefore, the above mentioned detection and mitigation techniques need to be changed and modified periodically (Gu, Porras Fong, 2015). The improvement in the detection technique helps to find and prevent the malwares. In addition to the above mentioned techniques the organizations and individuals can create a virtual environment inside the network device to detect the malicious source IP addresses (Shabtai et al., 2012). Moreover by accessing the device in the safe mode the users can safely use the different function of the apps. Internal law The internal laws need to be tightened to ensure the access of the users to the network and the central database. Moreover it is to be ensured that the entry of the users and their behavior are monitored (Gu, Porras Fong, 2015). This monitoring will help to identify the any of the suspicious activity that is related to the effect of the Malware attacks. International scope As it happened to the banks of the Australia, therefore the malwares can also affect the websites and the functionality of the apps of the related financial institutions (Shabtai et al., 2012). Therefore this incident of Australia alerts other financial institutions all over the world. As the banks are affected by the malware and data were stolen, therefore it needs to take preventive measures (Turner, 2016). In addition to that, the attackers may publish all the stolen data in the public domain. It would have caused much more harm to the business of the banks. Risk table Impact area Rank Impact value Total score Data breach 4 High 3 12 Reputation of the banks 3 Medium 2 6 Problems in operations 2 High 3 6 Productivity 1 Low 1 1 Total risk score 25 Table 1: Risk calculation table (Source: Created by Author) Conclusion The people with the evil intention always create a way to intrude into others systems so that they can steal the personal and financial data for their advantage. Therefore, to protect the systems from these growing threats, it is important to use multiple layers of security and change the approach of detection and prevention periodically. This is mandatory to protect the individual and organizational systems. References Gu, G., Porras, P. A., Fong, M. (2015).U.S. Patent No. 8,955,122. Washington, DC: U.S. Patent and Trademark Office. Pk, G. (2015). New methods for detecting malware infections and new attacks against hardware virtualization. Shabtai, A., Kanonov, U., Elovici, Y., Glezer, C., Weiss, Y. (2012). Andromaly: a behavioral malware detection framework for android devices.Journal of Intelligent Information Systems,38(1), 161-190. Soltani, S., Seno, S. A. H., Nezhadkamali, M., Budiarto, R. (2014). A survey on real world botnets and detection mechanisms.International Journal of Information and Network Security,3(2), 116. Turner, A. (2016).Malware hijacks big four Australian banks' apps, steals two-factor SMS codes.The Sydney Morning Herald. Retrieved 9 August 2016, from https://www.smh.com.au/technology/consumer-security/malware-hijacks-big-four-australian-banks-apps-steals-twofactor-sms-codes-20160309-gnf528.html