A new breed of “invisible” malware is on
the march, and if it strikes your servers,
there may not be much you can do about
it. In fact, you may not even be able to tell that it’s
there. In some cases, this kind of malware lives
only in memory, meaning there’s no file on your
disks for your endpoint protection software to
find. In other cases, invisible malware may live in
your basic input/output system (BIOS), where it
can use one of a few tactics to attack you. It may
even appear as a firmware update and replace
your existing firmware with a version that’s
infected and nearly impossible to find or remove.
“With the advancement in anti-malware and
Endpoint Detection and Response (EDR)
software making it easier to catch zero-day
malware, the malware writers are moving lower
on the stack,” said Alissa Knight, a senior analyst
with Aite Group’s cybersecurity practice who
specializes in hardware-based threats. Knight
said this new type of malware is being developed
so that it can evade detection by legacy software.
EDR software, which is more advanced than
legacy AV packages, is much more effective at
catching attacks, and this software uses a variety
Invisible Malware Is
Here and Your Security
Software Can’t Catch It
Wayne Rash is a
freelance writer and
frequent reviewer of
enterprise hardware
and software. He is
also a senior
columnist for eWEEK.
Email him at
[email protected].
COMMENTARY