Ghostware Conceals Indicators of Compromise. Ghostware is the Snapchat of malware. Snapchat, the popular social app, allows users to send photos and videos to friends that, once viewed, “disappear” and cannot be viewed again. The concept of ghostware is similar: The malware enters into a system, completes its mission (i.e., stealing data), then disappears without leaving a trace. As investigators and law enforcement become more adept at forensic analysis and more concerned with cyber crimes and the people who perpetrate them, careful hackers will look for ways to erase all traces before security measures detect that systems have been compromised.

Ghostware Conceals Indicators of Compromise – Security Risk

Ghostware Conceals Indicators of Compromise – Security RiskHackers will use the program to conceal attacks. As law enforcement boosts its forensic capabilities, hackers will adapt to evade detection. Malware designed to penetrate networks, steal information, then cover up its tracks will emerge in 2016. So-called ghost software will make it extremely difficult for companies to track exactly how much data has been compromised, and hinder the ability of law enforcement to prosecute cybercriminals. Alongside this malicious software program, cybercriminals will continue to employ so-called “blastware” which destroys or disables a systems when detected. “Blastware can be used to take out things like critical infrastructure, and it’s much more of a damaging attack.

Threat in 2016: Ghostware & Blastware

As cybercriminals become the focus of investigation and prosecution in the criminal justice system, careful hackers will develop a new variant of malware that is designed to achieve its mission and then erase all traces before security measures can detect that a compromise has taken place. Cyber security experts predicts that we will witness Ghostware in 2016, written to steal data and disappear to conceal its creators.

Future Outlook: Ghostware will emerge that can exploit a system or infrastructure to extricate valuable data, then erase itself while leaving the host system intact. Ghostware attacks will enable hackers to cast a wider net for infection while attempting to avoid identification and attribution for the crimes. New variants of Blastware will persist in targeted attacks, primarily utilized in acts of hacktivism or state-sponsored cybercrime.

Sources: Gartner.com & Fortinet.com

Leave a Reply