New Malware Families Identified: Do You Have A Multi-Level Defense Plan?

The U.S. Department of Homeland Security (DHS) recently issued an alert from its National Cybersecurity and Communications Integration Center (NCCIC). The alert detailed particularly sophisticated malware attacks that are targeting several industries, including the energy, manufacturing, health care, and public health sectors.

These attacks use several variants and families of malware that mimic legitimate monitoring tools, making them difficult to detect. Organizations that do not employ appropriate defenses will find that cybercriminals can achieve full network and data access.

One malware variant, REDLEAVES, can send system information back to the hacker's server. PLUGX is another variant that takes screenshots and retrieves files, then sends the data using encoded communication to disguise the activity.

Officials at NCCIC strongly encourage organizations to establish "multiple defensive techniques and programs…to provide a complex barrier to entry, increase the likelihood of detection, and decrease the likelihood of a successful compromise." Jessica Davis, "Feds warn of new, highly sophisticated malware campaign" (May 8, 2017).


It is important for organizations to establish a plan that includes prevention strategies, technological defenses, and recovery procedures.

Prevention strategies rely heavily on user behaviors. Ongoing training for all employees should emphasize keeping software current, creating strong passwords, prudent use of the Internet, and caution when opening email attachments and links.

Keep communication between IT staff and users open so that IT staff can provide users with current threat updates, and so users can alert IT staff to network problems.

Installing technical security tools is another important aspect of system security. Cybersecurity firms are creating new and innovative software that can detect and block many malware variants. These steps, together with a detailed plan for managing a malware attack if it occurs, will help provide the multi-level defense recommended by cybersecurity experts.
