A Polymorphic Virus is a type of ‘shape-shifting’ virus, producing malicious code that is able to replicate itself with new signatures but identical payloads over and over again. These viruses repeatedly change their overt characteristics in an attempt to evade and outwit your computer’s defenses and sabotage your system. Polymorphic capabilities are designed to evade signature-based cybersecurity solutions like antivirus and Anti-Malware.
This threat continues to grow. Antivirus researchers in 2020 determined that 97 percent of newly identified viruses had polymorphic properties. In 2015, it took the combined efforts of the FBI and Europol to bring down a botnet running advanced polymorphic malware called Beebone. This polymorphic botnet contained at least 12,000 compromised computers and was able to change itself up to 19 times a day to avoid detection.
Source: Kaspersky, TrendMicro
Related Terms: Macro Virus, Memory-Resident Virus, Melissa Virus
What does this mean for an SMB?
Antivirus:
One of the simplest and best ways to protect your systems from dynamic, changing code is to ensure you have the right type of security solution software in place. Have a high-quality heuristic and signature based antivirus solution will give far more comprehensive protection than just signature based or just heuristic based antivirus protection. Heuristic based solutions examine the actions and activities taken by code running on your system and prevent certain things from happening: for example, encrypting files should never happen and many heuristic programs prevent that helping you avoid a ransomware attack.
Employee Awareness Training
The initial exploit of a system often comes from human error, performing an action like downloading and running an infected email attachment, or visiting a website that has been compromised. Your own good judgment is often your first and best line of defense.
- Deploy cybersecurity awareness training for your employees and
- Phish Test employees quarterly
Keep Software Up to Date
Cybercriminals are constantly updating and morphing their virus code. All of the good guys should do the same. Updates are released in the form of free software patches for your desktop and laptop computers, but also for your IoT devices. Make sure you install all system and software updates to everything.
Guide Staff With Cybersecurity Policies
Cybersecurity policies are a great way to keep staff informed and accountable to company expectations on behaviors and technology usage. CyberHoot recommends adopting the following four foundational governance policies if you haven’t any defined just yet:
- Password Policy
- Acceptable Use Policy
- Information Handling Policy
- Written Information Security Policy (WISP)
Perform a Risk Assessment
Spend your finite time and money on the most critical risks you face, identified in a Risk Assessment by a competent professional. CyberHoot comes with built in cybersecurity assessments to help our clients do just this.
Purchase Cybersecurity Insurance for Catastrophic Failures
When all your preparations and protections fail you, having cybersecurity insurance to help you recover quickly and effectively can mean the difference between a complete failure of your company and just a bad year. Protect yourself no differently than with Fire, Flood, Errors & Omissions, or car insurance with Cybersecurity Insurance. Here are two articles on what cyber insurance can cover and some of the challenges it has.
Conclusions
By building a robust, defense-in-depth cybersecurity program as outlined above, you create an equal playing field where the hackers do not have the upper hand.