In the world of technology, things are constantly moving and changing — and cybersecurity is no exception. As the good guys get smarter, the bad guys get sneakier and stealthier. This is especially true of malware, which has evolved dramatically in the last couple of years.

We’re now seeing malware that uses artificial intelligence (AI) techniques to mutate and even to detect automatically whether it is being run inside a sandbox. In response to this challenge, adoption of malware analysis has been on the rise in recent years. Does this mean that every company should start analyzing malware? The short answer is no.

How to Know If Malware Analysis Is Right for You

There are two main reasons why it may not be the right time for a company to invest in a malware analysis team. First, many enterprises don’t have the resources to build and maintain such a team. Second, there are a lot of companies out there that specialize in malware analysis, many of which provide an on-demand service that generates indicators of compromise (IoCs) and makes them available to the public for free.

For some companies, it may not make sense to have a team dedicated to analyzing malicious code because the business does not specialize in that area. It would be difficult to imagine an energy company investing in a malware analysis team, for example, but that doesn’t mean it shouldn’t use threat intelligence gathered by malware specialists. Even though most organizations don’t have to worry about malware analysis, they all need to worry about their security. Integrating a system that can alert security teams based on IoCs generated by specialized companies is a great way to enhance security on a budget.

Enhance Enterprise Security on a Budget

Publicly shared IoCs are a valuable resource: they let a business identify the presence of malware in its infrastructure even when it has no capability to analyze malicious code. Ingesting these IoCs into monitoring tools allows security teams to detect known malware by matching file hashes, domains and addresses rather than by studying the code itself.

For companies that want more visibility into network activity but lack the ability to analyze malware, using what is publicly available and developed by specialized companies around the world could be the difference between a contained malware infection and a crisis.
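The following added example, which is not part of the original article, shows the kind of integration the text describes: ingesting an externally produced IoC feed and matching it against security telemetry to raise alerts. The CSV feed format, the key=value log format, the host names and every IoC value (the hash, the domain under the reserved `.invalid` TLD and the documentation-range address 203.0.113.77) are constructed for illustration and do not come from any real feed or incident. It handles three IoC types (file hash, domain with parent-domain matching, IPv4 address) and discards malformed feed entries rather than alerting on them.

```python
"""Ingest a constructed IoC feed and match it against constructed log events."""
import csv
import io
import re
from collections import defaultdict
from dataclasses import dataclass

# Constructed IoC feed (hypothetical values, not from any real vendor feed).
IOC_FEED_CSV = """type,value,description
sha256,9F86D081884C7D659A2FEAA0C55AD015A3BF4F1B2B0B822CD15D6C15B0F00A08,constructed sample file hash
domain,bad-example.invalid,constructed command-and-control domain
ipv4,203.0.113.77,constructed command-and-control address
"""

# Constructed log lines in a simple key=value format (timestamp first).
SAMPLE_LOGS = [
    "2024-05-01T10:00:01Z host=ws01 event=dns query=update.example.com",
    "2024-05-01T10:00:02Z host=ws01 event=dns query=cdn.bad-example.invalid",
    "2024-05-01T10:00:03Z host=ws02 event=netconn dst=203.0.113.77:443",
    "2024-05-01T10:00:04Z host=ws02 event=netconn dst=198.51.100.5:443",
    "2024-05-01T10:00:05Z host=ws03 event=process "
    "sha256=9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08",
]


@dataclass(frozen=True)
class Alert:
    host: str
    ioc_type: str
    ioc_value: str
    description: str
    raw: str


def load_iocs(feed_text):
    """Parse a CSV feed into {ioc_type: {normalized_value: description}}."""
    iocs = defaultdict(dict)
    for row in csv.DictReader(io.StringIO(feed_text)):
        ioc_type = row["type"].strip().lower()
        value = row["value"].strip().lower()
        # Reject malformed hashes so a bad feed row cannot produce noise.
        if ioc_type == "sha256" and not re.fullmatch(r"[0-9a-f]{64}", value):
            continue
        iocs[ioc_type][value] = row.get("description", "")
    return iocs


KV_RE = re.compile(r"(\w+)=(\S+)")


def parse_event(line):
    """Turn 'k=v k=v ...' into a dict; tokens without '=' are ignored."""
    return dict(KV_RE.findall(line))


def domain_matches(query, domain_iocs):
    """Return the matching IoC for an exact or parent-domain hit, else None.

    'cdn.bad-example.invalid' matches an IoC of 'bad-example.invalid';
    'notbad-example.invalid' does not, because matching is by label.
    """
    labels = query.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in domain_iocs:
            return candidate
    return None


def match_event(line, iocs):
    """Return an Alert if any field of the event hits an IoC, else None."""
    ev = parse_event(line)
    host = ev.get("host", "?")
    if "query" in ev:
        hit = domain_matches(ev["query"], iocs["domain"])
        if hit:
            return Alert(host, "domain", hit, iocs["domain"][hit], line)
    if "dst" in ev:
        ip = ev["dst"].rsplit(":", 1)[0]  # strip the port
        if ip in iocs["ipv4"]:
            return Alert(host, "ipv4", ip, iocs["ipv4"][ip], line)
    if "sha256" in ev:
        digest = ev["sha256"].lower()
        if digest in iocs["sha256"]:
            return Alert(host, "sha256", digest, iocs["sha256"][digest], line)
    return None


def scan_logs(lines, iocs):
    """Run every log line through the matcher and collect the alerts."""
    return [a for a in (match_event(line, iocs) for line in lines) if a]


if __name__ == "__main__":
    feed = load_iocs(IOC_FEED_CSV)
    for alert in scan_logs(SAMPLE_LOGS, feed):
        print(f"ALERT {alert.host}: {alert.ioc_type}={alert.ioc_value} "
              f"({alert.description})")
```

In a real deployment the feed would be refreshed on a schedule and the matcher would sit behind a log pipeline or SIEM, but the normalization step (lower-casing, validating hash format, stripping ports, label-wise domain comparison) is what keeps a public feed from generating either misses or false alarms.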
