malware

There’s Proof That North Korea Launched the WannaCry Attack? Not So Fast! – A Warning Against Premature, Inconclusive, and Distracting Attribution

By James Scott, Sr. Fellow, ICIT Last week, ICIT urged responsible news outlets to focus on meaningful aspects of the May 12, 2017 WannaCry attack on over 230,000 systems in over 150 countries, such as the desperate need for security-by-design in software and technology, the perpetual failure of organizations across the globe to secure their .. read more

Recommendations for Preventing Ransomware Exploitation

By James Scott, Senior Fellow, Institute for Critical Infrastructure Technology Ever since the WannaCryptor ransomware attack, also known as WannaCry or Wcrypt, began wreaking havoc around the globe, ICIT has received a flood of inquiries from policymakers, governments, and the private sector on how organizations can defend themselves.  ICIT is pleased to provide the following .. read more

ICIT Analysis: How to Crush the Health Sector’s Ransomware Pandemic

The health sector is the most vulnerable, most targeted, and resoundingly least equipped to defend against hackers who are pummeling healthcare organizations with ransomware attacks.   This ransomware epidemic will only become more severe and costly as the infection volume in 2017 will trump infections in 2016. In this post, entitled “How to Crush the .. read more

ICIT Analysis: Signature Based Malware Detection is Dead

Signature and behavioral based anti-malware are no match for next generation adversaries who utilize mutating hashes, sophisticated obfuscation mechanisms, self-propagating malware, and intelligent malware components. In this analysis, entitled “Signature Based Malware Detection is Dead,” the Institute for Critical Infrastructure Technology provides a thought-provoking analysis of the necessity for critical infrastructure sectors to adopt advanced .. read more

“Fake News” Is “Old News” for Nation State and Mercenary APTs

By James Scott, Senior Fellow ICIT Regardless of your partisan persuasion, your opinion of mainstream media or your opinion of the ‘alt-right,’ one thing is for certain, ‘fake news’ is ‘old news’ when it comes to the weaponization of information by nation states and cyber mercenaries. Cyber adversaries tailor spear phishing and malvertising lures to .. read more

ICIT Brief – Your Life, Repackaged and Resold: The Deep Web Exploitation of Health Sector Breach Victims

Despite being the most at-risk and perpetually breached critical infrastructure sector in the Nation, virtually all health sector organizations refuse to evolve their layered security to combat a hyper evolving threat landscape. As a result, when a healthcare system is breached and patient records are stolen, the entire brutal impact of the incident that resulted from .. read more

ICIT Brief: Combatting the Ransomware Blitzkrieg with Endpoint Security

Ransomware, the weaponization of encryption, has struck fear and confusion into the hearts of PC users and critical infrastructure communities alike. While it is impossible for organizations to prevent malware from infecting their networks, those who deploy a multi-layered security strategy and teach proper cybersecurity hygiene to their employees have a strong chance of defending against these .. read more