Published: April 23, 2020 on our newsletter Security Fraud News & Alerts Newsletter.
KBOT is a blast from the past that no one is happy about. Finding a malware that’s still a serious, growing threat eight years after it was first detected doesn’t happen every day. Researchers at Kaspersky discovered KBOT malware is not only alive and well, it’s been living in data systems for years. It seems once KBOT finds its way into a device, it stays there and spreads. From there, the malware continues to expand into different areas that can delete data forever, slow down systems, and steal personal and banking data. It’s this continuing expansion over time that leads researchers to refer to KBOT as a “living” virus found in the wild.
Years ago, KBOT was one of many computer viruses and worms that were common at the time. Today, those commonplace malware attacks have been replaced with more targeted and sophisticated threats like ransomware, Trojans, cryptocurrency miners, and finding surveillance software on mobile devices. There are clearly new and different threat landscapes to guard against today, but it looks like KBOT never got the memo.
The malware makes its way onto data systems in a variety of ways including local networks, removable devices and of course, through the Internet. Guarding against KBOT includes having employees who are cyber educated on a regular basis and who know how to spot a phishing email before it’s too late. Staff should know not to open an email that looks suspicious, isn’t expected, or is from an unknown sender, especially if it’s spam email. An employee who isn’t aware of the phishing clues is likely to open the system up to malware-filled attachments and bogus links to web pages that steal sensitive information. All it takes is one wrong click to wreak havoc in a data system. Employees are often the first line of defense against malware attacks, so a cyber-smart staff that is trained and aware goes a long way keeping email phishing where it belongs–unopened and in the trash.
A business also needs to put system protections in place that stop malware intrusions from entering. Perimeter security tools should be in place to ward-off malware. It should include a firewall, of course, intrusion detection/prevention tools, and anti-virus and anti-malware tools that are properly configured, as misconfigured security tools are a help to no one but cybercriminals. Remember, cyber educated staff and protected systems go a long way keeping malware like KBOT from entering a data system from the start.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at advisor@nadicent.com