Destructive Malware: Lessons from the Trenches presented at 3rdCybersecurityInternationalSymposium 2019

by Charles Debeck,

Summary : IBM has seen a 200% increase in destructive malware incidents over the last year, with remediation on average costing $239 million and requiring over 500 hours of labor. This talk will discuss destructive malware, what it is, the impact it has on affected organizations, the lessons IBM has learned from our experience on the front lines, and what organizations can do to mitigate the risk.Drawing on unique, internal data, we'll explain the human behaviors we've seen associated with destructive malware, and how threat actors can react in difficult-to-predict ways. We'll also describe the most common methods for initial infection and lateral movement we have seen for destructive malware. Finally, we'll cover lessons learned and the most effective steps organizations can take to help protect themselves both before and during a destructive malware incident. Key takeaways:Destructive malware is being increasing used by criminals, changing and growing this potential threatThe cost of a destructive attack is significant and can have long-lasting impactsA well vetted response plan is critical to handling a destructive incident