Page 48 - Cyber Warnings August 2017
virtually useless because such heavily customised malware is extremely difficult to detect.
Those statistics are validated by VirusBulletin, which found that detection of previously unknown
threats by numerous standard antivirus solutions decreased from 80 percent to approximately
70 percent between 2015 and 2016, while even detection of known threats fell from between 90
and 95 percent to about 90 percent.
Email security solutions have also been rendered less effective over time. While these solutions
can successfully identify and reduce spam, they still leave many organizations wide open to
stealthier and more prolific attacks such as ransomware and other zero-day threats.
Sandboxing technology is also becoming incrementally less effective at identifying and
trapping ransomware. Numerous strains of ransomware are now engineered to
recognize that they are being tested in a sandbox environment, where in theory they can be
exposed without causing actual damage to the organization’s network. Equipped with this
advanced capability, the sophisticated strains of ransomware simply deactivate themselves and
wait to be passed as clean in order to evade detection. Sandboxes also have a tough time
emulating the various end-user environments and specific user interaction that may be
necessary to invoke an attack, further reducing their ability to spot a malicious document.
Moving Past Zero-Day Apathy
One of the biggest obstacles to detecting ransomware may actually be apathy
generated by a kind of threat fatigue. According to the Identity Theft Resource Center, U.S.
companies and government agencies suffered almost 1,100 data breaches in 2016, a 40 percent
increase from the previous year, while ransomware spiked 6,000 percent in 2016, with most
victims paying the ransom, according to a recent study from IBM Security.
In light of these accelerating trends, it stands to reason that the threat of a zero-day attack
should be top of mind for every business. But that’s often not the case. Instead, organizations
frequently regard extortion via cyber-attack as an inevitable cost of business. In an effort to keep
short-term costs down, many enterprises have accepted – to a certain degree – that threats will
likely penetrate their networks. At the same time, many are often unable to adequately invest in
the right forms of security infrastructure to protect themselves against such attacks.
Copyright © Cyber Defense Magazine, All rights reserved worldwide.