How do you outsmart malware? In an article published by Tech Crunch last week, tech reporter Ben Dickson investigates the new generation of smart malware. He manages to sum up the crux of the problem in two sentences: “Virus definition databases don’t seem to account for the growing number of new malware species and variants, especially when they’re smart enough to evade discovery. A more devious genus of malware is succeeding at even duping advanced security tools that discover threats based on behavior analysis.”
Dickson’s main objective, however, is not to despair at malware’s increasing cleverness but to explore possible methods to outwit it. He taps Morphisec Chief Science Officer Mordechai Guri, among other industry experts, for advice. “The attacker has to be stopped at the first step, before gaining an initial foothold in the system,” says Guri. He explains that Morphisec’s Moving Target Defense technology prevents malware from finding the sought vulnerability in the first place. “The attacker fails right at the beginning during the exploitation phase and is stopped before having a chance to inject malware into the target system.”
Dickson’s article describes Morphisec’s technology and approach in more detail: “Morphisec achieves this goal by concealing vulnerabilities in applications and web browsers, through a polymorphic engine that randomly scrambles the memory surface of processes at run time, making them unpredictable and indecipherable to attackers and malware. In this manner, any zero-day loophole or unpatched vulnerability will be concealed from prying eyes.”
Couldn’t have said it better ourselves. Read the full article here.