Nemesis: Worse than originally thought & hard to detect while stealing credit card data

Researchers have found that hackers are using bootkit malware called Nemesis to steal payment card data. Although it was discovered in September, further investigation by FireEye shows that Nemesis can load ahead of the operating system, making it difficult to detect and putting it outside the reach of normal anti-malware software.

Tim Erlin, Director of IT Security and Risk Strategy at Tripwire, offered @DFMag the following expert opinion:

“Malware has moved from coming through an open door to being built into the foundation. It’s harder to detect, and harder to remove. 

We should expect malware to evolve to defeat security controls. The industry is, and should be, working to develop new ways to detect and defeat evolving malware. 

While it’s important to work on tools to detect specific malware, implementing tools to identify suspicious changes in the environment provides a solid defense-in-depth strategy. Even the most stealthy malware has an objective, most often making changes in the environment or moving data across the network to accomplish it. Security teams should be working to identify these behaviors, in addition to installing more basic detective tools.”
