CyberWire Daily - CISA Alert AA22-216A – 2021 top malware strains. [CISA Cybersecurity Alerts]

Episode Date: August 4, 2022

This joint Cybersecurity Advisory was coauthored by CISA and the Australian Cyber Security Centre, or ACSC. This advisory provides details on the top malware strains observed in 2021. AA22-216A Alert,... Technical Details, and Mitigations For alerts on malicious and criminal cyber activity, see the FBI Internet Crime Complaint Center webpage. For more information and resources on protecting against and responding to ransomware, refer to StopRansomware.gov, a centralized, U.S. Government webpage providing ransomware resources and alerts. The ACSC recommends organizations implement eight essential mitigation strategies from the ACSC’s Strategies to Mitigate Cyber Security Incidents as a cybersecurity baseline. These strategies, known as the “Essential Eight,” make it much harder for adversaries to compromise systems. Refer to the ACSC’s practical guides on how to protect yourself against ransomware attacks and what to do if you are held at ransom at cyber.gov.au. All organizations should report incidents and anomalous activity to CISA’s 24/7 Operations Center at central@cisa.dhs.gov or (888) 282-0870 and to the FBI via your local FBI field office or the FBI’s 24/7 CyWatch at (855) 292-3937 or CyWatch@fbi.gov.

Transcript
Starting point is 00:00:00 You're listening to the CyberWire Network, powered 4th, 2022. This joint cybersecurity advisory was co-authored by CISA and the Australian Cyber Security Centre, or ACSC. This advisory provides details on the top malware strains observed in 2021. In 2021, the top malware strains included remote access trojans, banking trojans, information stealers, and ransomware. The most prolific users of malware are cybercriminals, who use malware to deliver ransomware or facilitate theft of personal and financial information. The alert documentation linked in the show notes includes technical details, mitigations, detection signatures, and indicators of compromise for the top 11 malware strains of 2021. Most of the top malware strains have been in use for more than five years, with their respective code bases evolving into multiple variations. Updates made by malware developers and reuse of code from these malware strains
Starting point is 00:01:18 contribute to the malware's longevity and evolution into multiple variations. Malicious actors' use of known malware strains offers organizations opportunities to better prepare, identify, and mitigate attacks from these known malware strains. In the criminal malware industry, including malware as a service, developers create malware that distributors often broker to malware end users. Developers of these top 2021 malware strains continue to support, improve, and distribute their malware over several years. Malware developers benefit from lucrative cyber operations with low risk of negative
Starting point is 00:01:52 consequences. Many malware developers often operate from locations with few legal prohibitions against malware development and deployment. Some developers even market their malware products as legitimate cybersecurity tools. CISA and ACSC encourage organizations to apply the recommendations in the mitigation section of this joint advisory. These mitigations include applying timely patches to systems, implementing user training, securing remote desktop protocol, patching all systems especially for known exploited vulnerabilities, making offline backups of data, and enforcing multi-factor authentication for all users when available. Thank you. 0870, and to the FBI via your local FBI field office or the FBI's 24-7 CyWatch at 855-292-3937 or cywatch at fbi.gov. This report was written by CISA, the United States Cybersecurity and Infrastructure Security
Starting point is 00:02:55 Agency, and edited and adapted for audio by the CyberWire as a public service. Please visit www.cisa.gov to read the full report, which may include additional details, links, and illustrations. A link to this report can be found in the show notes. This has been a CISA Cybersecurity Alert.
