The Hard Way

I was discussing malware with a couple of experts last week and they immediately focused on how to prevent malware from being downloaded and how to detect malware in an operating system.  This is the classic approach that I often refer to as The Hard Way.

There are armies of hackers devoted to phishing, malvertising and other insidious mechanisms for getting malware onto a computer.  These criminals steal massive quantities of data, piece together complex profiles and spend years working on this single goal.  Nothing short of AI will ever stop a human from getting malware onto their computer.  Like I said – hard.

The Better Way

At Bear, we firmly believe that there really is nothing you can do to prevent malware from being downloaded by a person.  This is not to say that we should not put up barriers, try to find malware on systems and so forth – just that it is an inevitable outcome.

Instead, we think that preventing the malware from getting anything off the infected computer is the way to truly stop malware.  We are not going to look for special patterns of code or memory heuristics – we simply lock down all device communications to the rest of the enterprise.  If two computers do not share any resources, we prevent them from talking.  If a camera should only send out video, we prevent it from sending out anything else.  By locking down communications, we can keep malware from spreading between machines and from sending data out of the machine it has infiltrated.
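To make the lockdown described above concrete, here is an added sketch (not Bear's product or code) of a default-deny policy: an allowlist of the flows each device needs, with everything else blocked.  The device roles, addresses and ports are constructed assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    src: str    # source network (CIDR)
    dst: str    # destination network (CIDR)
    proto: str  # "tcp" or "udp"
    port: int   # destination port

@dataclass(frozen=True)
class Flow:
    src: str    # address of the host initiating the connection
    dst: str
    proto: str
    port: int

# Allowlist of connection initiations; anything not listed is denied.
# Assumption: return traffic is handled by a stateful enforcement point.
POLICY = [
    Rule("10.0.20.15/32", "10.0.30.5/32", "tcp", 8554),  # camera -> recorder, assumed video port
    Rule("10.0.10.0/24", "10.0.30.10/32", "tcp", 445),   # workstations -> shared file server
]

def allowed(flow, policy=POLICY):
    """True only if a rule explicitly permits the flow; no match means deny."""
    src, dst = ip_address(flow.src), ip_address(flow.dst)
    return any(src in ip_network(r.src) and dst in ip_network(r.dst)
               and (flow.proto, flow.port) == (r.proto, r.port) for r in policy)

def evaluate(flows, policy=POLICY):
    """Split observed flows into (permitted, blocked) lists."""
    permitted = [f for f in flows if allowed(f, policy)]
    blocked = [f for f in flows if not allowed(f, policy)]
    return permitted, blocked

# Constructed sample traffic, not captured from any real network.
SAMPLE_FLOWS = [
    Flow("10.0.20.15", "10.0.30.5", "tcp", 8554),   # camera sending video: permitted
    Flow("10.0.20.15", "203.0.113.7", "tcp", 443),  # camera sending anything else: blocked
    Flow("10.0.10.21", "10.0.10.22", "tcp", 445),   # two workstations, no shared resource: blocked
    Flow("10.0.10.21", "10.0.30.10", "tcp", 445),   # workstation to the shared server: permitted
]

if __name__ == "__main__":
    _, denied = evaluate(SAMPLE_FLOWS)
    for f in denied:
        print("BLOCK", f)
```

The blocked list doubles as a detection signal: a device attempting a flow outside its allowlist is behaving in a way its role does not explain.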

Maybe that single computer gets trashed and, I guess, let that be a lesson to the owner of that one device.  Without the ability to spread into other devices, to get into target systems or obtain critical data, the entire industry of malware will crumble.  There is no money in trashing an individual computer – certainly not enough to support the legions of hackers trying to infect machines with malware these days.