Ramping up human and technical resources is an ongoing exercise in our battle against cyber crimes. Recently, Karnataka appointed 16 cyber technicians; details of their capabilities are not in the public domain. Will they be able to match the harsh ground-level requirements dictated by international cyber criminals? Or will we always be notches behind in this cybercrime battle of attrition? Polymorphic malware is already making its evil presence felt and is turning out to be the new knot that is extremely difficult to sort out. Why the scare about polymorphic malware?
For the uninitiated, it is malicious software that continually alters its code or appearance to evade detection. While regular malware has a consistent code structure, polymorphic malware can change its identifiable features. This attribute makes it particularly challenging to detect and mitigate. You can even term it the "digital chameleon." Of the 20,092 cases registered in 2024 in Karnataka, only 1,248 have been detected. The victims lost Rs. 2,900 crores to cyber crimes. These are registered cases; the actual figures might be higher.
The basic features of polymorphic malware, besides variable code structure, are code mutation and encryption and decryption routines. This malware modifies its code or appearance with every infection. It often employs dynamic encryption keys and changes its decryption routines. Through this trait it is able to conceal its true nature from security software. What do our current tools rely on? They recognise fixed patterns; only if a match is found does the system block the threat. How far can we take the investigation with such tools? An upgrade is a must. Karnataka FSL is planning one; it is a race against time, and the sooner the better.
Recent examples of this malware are TrickMo variants, ToxicPanda and SpyLoan. Some variants of this malware also operate as what can be termed "fileless malware," which runs entirely in the computer's memory. To catch up in this race, what is required is to implement advanced cybersecurity tools that enable signature-less malware protection. Next-generation antivirus solutions can be helpful. Real-time monitoring, coupled with automatic remediation, is now a must. It can help detect and respond to polymorphic malware threats promptly, minimizing potential damage.
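The gap between fixed-pattern matching and signature-less detection described above can be seen in a few lines. This is an added example, not part of the original post: the samples are constructed, inert byte strings, and the event names and the behavioural rule are hypothetical.

```python
import hashlib

# Constructed, inert stand-ins: two variants of one family whose bytes differ
# after mutation, a fileless case with nothing on disk, and a benign program.
# Event names are hypothetical labels for observed runtime behaviour.
SAMPLES = {
    "variant_a": {"file": b"stub-A|key=17|blob-1",
                  "events": ["open_self", "decrypt_in_memory", "exec_from_memory"]},
    "variant_b": {"file": b"stub-B|key=92|blob-2",
                  "events": ["open_self", "decrypt_in_memory", "sleep", "exec_from_memory"]},
    "fileless": {"file": None,
                 "events": ["decrypt_in_memory", "exec_from_memory"]},
    "benign": {"file": b"ordinary-application",
               "events": ["read_config", "open_window"]},
}

# Signature database built when only variant_a had been analysed.
KNOWN_BAD = {hashlib.sha256(SAMPLES["variant_a"]["file"]).hexdigest()}

# Hypothetical behavioural rule: these events in this order, gaps allowed.
RULE = ("decrypt_in_memory", "exec_from_memory")


def signature_match(file_bytes):
    """Fixed-pattern check: exact hash of the file, if there is a file."""
    if file_bytes is None:
        return False
    return hashlib.sha256(file_bytes).hexdigest() in KNOWN_BAD


def behaviour_match(events, rule=RULE):
    """True when every rule step occurs in order within the event stream."""
    stream = iter(events)
    return all(step in stream for step in rule)


def scan(samples=SAMPLES):
    """Return {name: (signature_hit, behaviour_hit)} for each sample."""
    return {name: (signature_match(s["file"]), behaviour_match(s["events"]))
            for name, s in samples.items()}


if __name__ == "__main__":
    for name, (sig, beh) in scan().items():
        print(f"{name:10} signature={sig!s:5} behaviour={beh}")
```

Only the variant already in the hash database trips the signature check; the mutated variant and the fileless case are caught by the behavioural rule alone, and the benign program trips neither.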
WE ARE WAITING FOR THE GIANT TECH LEAP TO HAPPEN IN THE FIGHT AGAINST CYBER CRIMES.
Sanjay Sahay
Have a nice evening.