Speaking at Infosecurity Europe 2019, Iko Azoulay, founder and CTO of Empow, discussed ‘multi-intent malware’ – which he described as malware designed to have multiple attack impacts and methods that do more than just infect a system for a single goal.
He referred to diversification as an effective development strategy for any business, and explained that cyber-attackers are now turning to diversification in their malware attacks to cause maximum, proliferated impact.
That has made classification of malware attacks a far harder task for organizations, Azoulay added, and so newer strategies must be implemented to establish the intent of modern malware.
He therefore pointed to four key pillars for protecting against multi-intent malware attacks.
The first is auto-classifying all possible intents of malware, and Azoulay suggested a “technology versus technology,” or “machine versus machine” approach can be effective.
The second is the use of behavioral-based protection tools, and the third is adding context to alerts as “different contexts may result in different intents and ultimately different protections.”
The fourth pillar of multi-intent malware defense is “acting according to business logic.”
To conclude, Azoulay reiterated the importance of systems that can automate malware and attacker classification to detect, prioritize and remediate both known and unknown threats.