Enhance Incident Response with Automated Malware Analysis

Brace for Attack & Prepare for Regulations

There have been a couple of related news stories that caught my attention last quarter – both of them involving ransomware, critical infrastructure, and the federal government. The first was the Senate approval of new cybersecurity legislation, the Strengthening American Cybersecurity Act, and the second was an FBI FLASH about RagnarLocker.

On one hand, the FBI FLASH provided nearly 40 indicators of compromise (IOCs) for RagnarLocker, which organizations can utilize to prevent these ransomware attacks that have been targeting critical infrastructure. On the other hand, the Strengthening American Cybersecurity Act will require critical infrastructure entities and civilian federal agencies to report substantial cyberattacks within 72 hours. Critical infrastructure providers will also be required to report ransomware payments within 24 hours.

Both stories serve as a valuable reminder of the immediate importance of a security operations center (SOC) and incident response (IR) function for critical infrastructure protection, whether to proactively investigate IOCs and protect against ransomware attacks or to report those attacks to the authorities in a timely manner. Malware analysis is a critical function for this process, as it enables security teams to move past “check the box” compliance toward a more mature threat intelligence program with the ability to “know the enemy.”

OPSWAT’s State of Malware Analysis 2022 report revealed that fewer than half of organizations have a dedicated malware analysis function. Furthermore, 93% of organizations are challenged by the tedious and manual process of malware analysis. The greatest challenge with malware analysis is that tools are not automated or integrated, which can result in a number of time-consuming and error-prone processes across disparate tools and disconnected workflows.

Whether critical infrastructure providers need to enhance their malware analysis capabilities to investigate and prevent ransomware or to report it in a timely manner, OPSWAT is eliminating the barriers to success by removing the need for specialized skill sets and breaking down silos between solutions. Malware analysis doesn’t have to be complex – OPSWAT makes it simple, yet powerful. But one thing is for certain: malware analysis is critical.
