FBI Issues Destructive Malware Alert
Reuters reported Tuesday the FBI issued a so-called flash warning to U.S. businesses regarding a highly malicious and destructive cyberattack on an American company. Although the company was unnamed in the flash warning, most assume it to be Sony Pictures Entertainment, which recently experienced an attack like the one described in the warning. The warning describes a broad class of malware called wiper malware.
“The primary purpose of wiper malware is to overwrite sections of a hard drive on an infected computer in an attempt to remove traces of the malware itself, along with large portions of data or in some cases all stored information on the drive,” Jim Stickley, CEO of Stickley on Security, told CU Times. “In all versions the master boot record is also overwritten, causing the operating system to fail.”
Stickley added that wiper malware is often used in conjunction with other malware. For example, malware designed to steal confidential information might launch a wiper malware component to cover its own tracks.
“I would strongly encourage all credit unions to review their backup policies not only on critical servers, but also on desktops,” Stickley said. “In addition, because this malware could spread quickly and can render employee workstations inoperable, credit unions should also review their disaster recovery plans and ensure that contingencies are in place to maintain business in the event of a wide-scale workstation outage.”
Finally, Stickley said that credit unions should also do their part to warn members, both consumer and business, about the risks of wiper malware. “There is no better way to combat cyber threats than with awareness and education,” he concluded.