Enhance Incident Response with Automated Malware Analysis
Brace for Attack & Prepare for Regulations
There have been a couple of related news stories that caught my attention last quarter – both of them involving ransomware, critical infrastructure, and the federal government. The first was the Senate approval of new cybersecurity legislation, the Strengthening American Cybersecurity Act, and the second was an FBI FLASH about RagnarLocker.
On one hand, the FBI FLASH provided nearly 40 indicators of compromise (IOCs) for RagnarLocker, which organizations can utilize to prevent these ransomware attacks that have been targeting critical infrastructure. On the other hand, the Strengthening American Cybersecurity Act will require critical infrastructure entities and civilian federal agencies to report substantial cyberattacks within 72 hours. Critical infrastructure providers will also be required to report ransomware payments within 24 hours.
Both stories serve as a valuable reminder of the immediate importance of a security operations center (SOC) and incident response (IR) function for critical infrastructure protection; either to proactively investigate IOCs and to protect against ransomware attacks or to report them to the authorities in a timely manner. Malware analysis is a critical function for this process, as it enables security teams to move past “check the box” compliance toward a more mature threat intelligence program with the ability to “know the enemy.”
OPSWAT’s State of Malware Analysis 2022 report revealed that less than half of organizations have a dedicated malware analysis function. Furthermore, 93% of organizations are challenged by the tedious and manual process of malware analysis. The greatest challenge with malware analysis is that tools are not automated or integrated, which can result in a number of time-consuming and error-prone processes across disparate tools and disconnected workflows.
Whether critical infrastructure providers need to enhance their malware analysis capabilities to investigate and prevent ransomware or to report it in a timely manner, OPSWAT is eliminating the barriers to success by removing the need for specialized skill sets and breaking down siloes between solutions. Malware analysis doesn’t have to be complex – OPSWAT makes it simple, yet powerful. But one thing is for certain: malware analysis is critical.
- ファイルアップロードの保護 – 10 のベストプラクティスで サイバー攻撃を防御
- MetaDefenderによる世界で最も危険なマルウェアEmotetの防御
- OPSWAT Expands Global Availability of Critical Infrastructure Protection
- OPSWAT Announces Expansion of Cybersecurity Training Program
- Avoiding storage data leaks and PII regulation noncompliance
- How OPSWAT Can Help Detect and Prevent the VMware WorkSpace ONE Access exploit (CVE-2020-4006)
- Protecting Critical Infrastructure from Advanced Cyberattacks
- MetaDefender Cloud Hash Reputation Database Now Exceeds 40 Billion
- OPSWAT Continues to Expand OESIS Framework with New Partners
- 6 Potential Security Gaps in File Transfer Process for Critical Infrastructure