Threat of the month

Share this article:
What is it?

In July, the new Stuxnet malware was found to use legitimately signed files in the targeted attack of SCADA control systems. Although the signature was reportedly expired, it is clear evidence that a digital signature can be “compromised” if enough resources are applied.

Following that, in August, a new variant of Alureon, a popular rootkit, was found to evade driver signing and kernel patch protection built into Windows 64-bit operating systems. This event demonstrates how the security controls can be bypassed by infecting the master boot record and executing the malicious code before the operating system's security controls can establish themselves.

How can I prevent it?
Those behind these malwares have the means and motivation to succeed. As a global IT community, we must be aware of these advanced threats targeting our environments. Further, we must find
ways to employ additional layers of control to limit the opportunity for
compromise.

— Don DeBolt, director of threat research, CA Technologies
Share this article:

Sign up to our newsletters

More in Opinions

The cool factor: New tech in banking has an edge

The cool factor: New tech in banking has ...

Disruption is expected; financial crime should be, too.

Me and my job: James Hill senior security architect, Consolidated Data Services

Me and my job: James Hill senior security ...

James Hill senior security architect, Consolidated Data Services (CDS), discusses his role at his organization.

Ahead in the cloud

Ahead in the cloud

Growth businesses are always looking for flexible ways of working that reduce capital and running costs, while securely delivering the data users need, when and where they need it.