You may have noticed recent news about large-scale malware spreading around the world. Curiously, as hacking events become more commonplace in the mainstream news cycle, businesses who’ve been targeted seem to make coinciding announcements, so each announcement is lost amidst the commotion.
Last month, Chipotle announced that most of their POS systems were infected with malware that collected credit data. The electronic virus merely adds to their long streak of bad PR following the string of E. coli outbreaks. But despite the scale of the infection and the potentially devastating effects of credit card data theft, barely anyone noticed. While the recent news of hacking has created a steady chorus of noise, drowning out significant stories, the hacks themselves are spreading more subtly. The long-term consequences of unknown, yet active, hacks seem to be growing exponentially.
Hacking News Implies a Failure
While news of the malware attack WannaCry, or W.Cry, rippled throughout the world, the best hacks remain mostly unnoticed. Analysts reached a consensus that W.Cry was the work of an amateur group affiliated with the North Korean regime. The vulnerabilities that W.Cry exposed were already patched by Microsoft and mostly affected people who used pirated copies of Windows (Asian countries took the brunt of the impact). When W.Cry made the news, security researchers considered it to be the work of amateurs because of several tactics and shortcomings in the malware’s design that reduced its efficacy. W.Cry’s general failure as a hack burned bridges by reducing the chances that similar hacks could further exploit the vulnerabilities with more success.
Adylkuzz was a variant that predated W.Cry, and was more effective in infecting computers and collecting money, but since it ran mostly undetected on people’s computers, there was less news surrounding it (a characteristic of a successful attack). W.Cry effectively cut Adylkuzz’s gains short by making everyone more aware of the vulnerability. Despite the news of W.Cry, hackers are blending their attacks into the surroundings with more ingenuity. Obvious mistakes are becoming less common.
Social Media as a Malware Vector
Time Magazine and the Times recently wrote parallel stories about state-sponsored malware that targets Department of Defense employees through social media. While on the surface it appears like any recent investigation into state-sponsored hacking, the implications are much more than meets the eye. The DoD disclosed the targeted attacks a couple of years ago as employees fell victim. As the Times mentioned, “the act of sending a malicious file or link through a seemingly innocuous message is hardly new.” What is new is the specificity of the targeting, the resources necessary, and the resulting gains in effect. The ongoing investigation into White House ties with Russia adds a new dimension to the old announcement.
The Evolution of Malware
In many ways, hacking resembles the advertising world. Before, most marketing departments simply bought ads in magazines, on billboards, and on TV. You needed a large budget, plenty of brokers, and you didn’t get to see a campaign’s effectiveness for a few quarters. Hackers used to do this too. They’d target a vulnerability, send an attachment in an email and wait for victims’ computers to signal home. Most of us wondered how people clicked something so obviously malicious.
The shotgun approach to marketing quickly became an artifact as advancements in digital advertising achieved better results. Now, marketers can target individuals in subtle ways that they barely notice, or notice just enough, and change their behavior while monitoring the results in real time. Instead of sending millions of emails and hoping for the best, hackers pick a refined group of targets and then customize the bait to improve their rate of success.
Data is increasingly valuable to steal and sell, and most importantly, the tools that grift are rarely noticed. A successful infection within the right computer can provide a steady stream of private data for years without raising any red flags. The methods of attack are disguised well enough that even cybersecurity professionals are fooled from time to time (they often hack one another for sport). As businesses update their hardware and software and improve their network security, infections that weren’t noticed will naturally get thrown out. But if your hardware and software are out of date, you should have a team of IT professionals assess your network. Computers are getting replaced less often than they used to because PC technology has progressed so that you don’t have to think about your computer most of the time, but malware is in the same boat.