One might think that by now, the high-tech experts would've havecome up with a way to counter the scourge of malware. Yet weekafter week, breach after breach, our data continues to come underattack. Malware somehow slips onto the host, consumer data slipsout the back door, crafty hackers make fortunes, and the haplessvictims make international headlines.

Credit unions need to take notice. Malware's success isdependent on a lapse of judgment by a live human being. Mary clickson a link in a scammer's email. Or someone visits a rogue websiteby mistake. Within seconds, the malware has gained entrance to yournetwork and it's only more trouble from there.

While preventing malware is largely a matter of employeeeducation, detecting malware once it is present is clearly a jobfor specialized software. Unfortunately, traditional malwaredetection software has its limitations.

Most malware detection software works by scanning files for bytesequences, or signatures, and comparing them against a database ofknown signatures of known pieces of malware. That presents one veryobvious problem. If your credit union turns out to be one of thefirst organizations in the world to become infected with aparticular malware, there won't be any known signatures to compareagainst. In other words, at least in the short term, your newmalware freeloader may be virtually undetectable.

What's more, cyber criminals can be pretty clever. They candesign malware that mutates over time, so that the signature it hastoday may not be the signature it has tomorrow.

Malware isn't the only threat to your member data. Youabsolutely can't discount the good, old-fashioned dishonestemployee. They may be even harder to detect than malware, becausethey're supposed to be there and they're using system credentialsyou gave them.

The one thing that malware and dishonest employees have incommon is that both engage in activities that shouldn't beoccurring in the first place. Or put another way, if you had someway of knowing what constituted normal activity, you would be ableto identify any type of abnormal activity as soon as ithappened.

Fortunately, software tools are beginning to appear on themarket that can do just that. They gather all the machine data thatyour enterprise generates, then they “learn” what normal activityis for your particular credit union. Based on that, this advancedsecurity software can predict what should happen in the futurebecause, as we all know, the past is the greatest predictor of thefuture. If something other than what's predicted is happening, thissoftware lets you know there may be a problem.

This isn't about next-day alerts, either. Trouble is detected inreal time because the software monitors in real time. If there'sany suspicious activity, notifications are sent within minutes ifnot seconds.

Will software ever completely stop data crimes? That's doubtful.Sometimes the best that a credit union can hope for is to make surethat it isn't the lowest hanging fruit. Software like describedhere is one more tool to help credit unions stay ahead of thegame.