One of the biggest threats to data security over the last few years has been crypto-malware. And, as the Panda malware proves, it can be a persistent danger.
We may think of pandas as gentle, beautiful creatures but that notion only applies when we’re talking about mammals. When it comes to malware, Panda is far from gentle. The malware in question has been active in the digital landscape since 2018 and, since then, has managed to secure close to $100,000 in cryptocurrency ransoms. And it has achieved this by constantly reinventing itself and modifying its structure. Staying one step ahead of the security experts is crucial for malware and Panda has done this with aplomb.
Understanding the motives and mechanics of Panda is important in strengthening your organization’s security, so let’s take a closer look at how it works.
What is Panda?
First identified in 2018, Panda is a form of malware which combines crypto-malware with remote administration tools (RATs) to render any infected PC under complete control of the hacker. Not only is the victim at the risk of having their data encrypted, but there’s the added danger of unauthorized access to their PC at any time. Panda achieves all of this by exploiting web applications, spreading via infected Word documents and unauthorized downloads by compromised websites. Web applications that have been found to be infected include a wide variety of industries such as social media, financial, web services and digital analytics.
How has Panda Managed to Persist?
Most malware has a relatively short lifespan due to design flaws and the talents of security experts, but Panda has persisted for over a year now. It owes this longevity to its coders and the speed at which they evolve Panda. The malware has always been an expert in stealth and this has allowed it to escape the attentions of antivirus software. Most concerning, however, is the number of additions that have been added to Panda’s arsenal since it first appeared. Reports have indicated that Panda now includes highly sophisticated exploit tools originally designed by the NSA. It’s that most dangerous form of malware: one that continues to grow in strength.
Protecting Your Business from Panda
Panda is a dangerous piece of malware, but it’s not one that you need to live in fear of. Instead, make sure you remain vigilant by implementing the following:
- Regular training for your staff is essential in keeping your defenses as strong as possible. The knowledge that these training sessions provide is invaluable for keeping your staff up to date on current threats.
- Crypto-malware’s main objective is to encrypt your data and then demand a ransom. Therefore it’s important that you establish a backup routine that ensures your files are kept securely in more than one location.
- Monitor any unusual network activity. Panda may be highly skilled when it comes to stealth, but its operation is likely to lead to unusual traffic in and out of your network. Identifying this early on may allow you to limit the damage caused.
For more ways to secure and optimize your business technology, contact your local IT professionals.
Read More