Blog
10.30.2017

You Must Remember This: Memory-Based Attacks Are the New Battleground

SC Magazine, October 30, 2017; by Willy Leichter, VP Marketing, Virsec;

Now, even B-Grade actors have easy access to cyber warfare tools created at the nation-state level

The multitude of recent cyberattacks have a number of things in common: they are sophisticated, multi-pronged, use fileless techniques, and target applications at the memory level – largely invisible to conventional security products.

Attacks including WannaCry, Petya, NotPetya, SystemD, Industroyer, and Apache Struts all leveraged memory-based attacks to infiltrate, pivot, and hijack valuable data. What used to be viewed as arcane, theoretical attacks have now become easily accessible through the Shadow Brokers leak of NSA memory corruption tool kits. Now, even B-Grade actors have easy access to cyber warfare tools created at the nation-state level.

We're not looking deep enough, we're usually looking backwards, and our reaction time is far too slow

This new wave of attacks highlights some fundamental flaws in how most practitioners approach cyber security: we're not looking deep enough, we're usually looking backwards, and our reaction time is far too slow.

Read full You Must Remember This: Memory-Based Attacks Are New Battleground article