The Newest strain of Metamorphic Malware: Tardigrade
Malware attacks against critical infrastructure are becoming more and more common as criminal groups seek out more advanced methods of infiltrating organizations. Like a virus, new strains of malware are infecting systems everyday and old methods of detecting and eradicating these threats are becoming outdated. In fact, over 18 million websites are infected with malware on any given week making it increasingly difficult for any organization to fly under a cyber criminals radar. This has resulted in the creation of increasingly inconspicuous forms of malware that push the limits of what virus' can accomplish. The newest strain of malware known as "Tardigrade" is a fantastic yet dangerous example of this.
The term malware (malicious software) refers to any software intended to cause harm to an individual or organizations system. This could entail the corruption of files, espionage, or theft of private data. Malware is a broad term that encompasses many methods and forms including: virus', worms, trojans, ransomware, etc. Typically, cyber criminals will infect and organizations system with malware for financial gain or the collection of private data. This can cost companies thousands of dollars and even more in reputation. While various methods of cutting out malware from your system can be effective some new strains have begun to push the limits.
The newest strain of Windows Malware known as Tardigrade has started to infect systems in the Bio manufacturing field making tasks like vaccine production increasingly difficult. It was given its name to reference a highly resistant microorganism that is known to survive in extreme, heat, cold and even space. Tardigrade was discovered when it attacked a bio manufacturing facility in Spring of 2021. Biobright, a biomedical and cybersecurity firm, was able to identify Tardigrade as a much more dangerous strand than first anticipated.
It was found that this strain has metamorphic capabilities making it extremely difficult to detect and remove from any given system. The term metamorphic in regards to security means that this form of malware is able to actively recompile and change its code when infecting a new device. The new degree of adaptability makes it near impossible to locate a distinct signature that would help in rooting out this form of malware. Unlike polymorphic malware which can only change certain parts of its code, metamorphic malware can change its code entirely. This makes every new infection completely different from the last.
In addition to being metamorphic, the Tardigrade strain has the ability to become completely autonomous once inside a system. Once it has infected an organization it has no need to communicate with a command and control server. This means that even if it is isolated from its sender it can still operate and wreck havoc on your systems.
Since this malware often comes in the form of ransomware there is not much an organization can do once it has been infected. This is why it is important for organizations to combat malware before it even enters your system. Because Tardigrade is primarily spread through phishing emails it is important to make sure employees are well informed on what a phishing email looks like and what to do in the case they receive one. Additionally, make sure you are informed of the risk of physical threats. If an employee comes across a stray USB or finds one already plugged in take the steps to make sure it is legitimate.
All of this is covered in security awareness training programs that employees should take anyways. Education is the great way to combat cyber threats. Just remember that one wrong click could spell disaster for a small-medium sized business.
CorpInfoTech (Corporate Information Technologies) provides small to mid-market organizations with expert I.T. services including compliance assessment, cybersecurity penetration tests, and comprehensive business continuity planning services. CorpInfoTech can help organizations, quantify, create, refine, and mitigate the risks presented by business threatening disasters in whatever form they may be disguised.