One might think that by now, the high-tech experts would've have come up with a way to counter the scourge of malware. Yet week after week, breach after breach, our data continues to come under attack. Malware somehow slips onto the host, consumer data slips out the back door, crafty hackers make fortunes, and the hapless victims make international headlines.

Credit unions need to take notice. Malware's success is dependent on a lapse of judgment by a live human being. Mary clicks on a link in a scammer's email. Or someone visits a rogue website by mistake. Within seconds, the malware has gained entrance to your network and it's only more trouble from there.

While preventing malware is largely a matter of employee education, detecting malware once it is present is clearly a job for specialized software. Unfortunately, traditional malware detection software has its limitations.

Most malware detection software works by scanning files for byte sequences, or signatures, and comparing them against a database of known signatures of known pieces of malware. That presents one very obvious problem. If your credit union turns out to be one of the first organizations in the world to become infected with a particular malware, there won't be any known signatures to compare against. In other words, at least in the short term, your new malware freeloader may be virtually undetectable.

What's more, cyber criminals can be pretty clever. They can design malware that mutates over time, so that the signature it has today may not be the signature it has tomorrow.

Malware isn't the only threat to your member data. You absolutely can't discount the good, old-fashioned dishonest employee. They may be even harder to detect than malware, because they're supposed to be there and they're using system credentials you gave them.

The one thing that malware and dishonest employees have in common is that both engage in activities that shouldn't be occurring in the first place. Or put another way, if you had some way of knowing what constituted normal activity, you would be able to identify any type of abnormal activity as soon as it happened.

Fortunately, software tools are beginning to appear on the market that can do just that. They gather all the machine data that your enterprise generates, then they “learn” what normal activity is for your particular credit union. Based on that, this advanced security software can predict what should happen in the future because, as we all know, the past is the greatest predictor of the future. If something other than what's predicted is happening, this software lets you know there may be a problem.

This isn't about next-day alerts, either. Trouble is detected in real time because the software monitors in real time. If there's any suspicious activity, notifications are sent within minutes if not seconds.

Will software ever completely stop data crimes? That's doubtful. Sometimes the best that a credit union can hope for is to make sure that it isn't the lowest hanging fruit. Software like described here is one more tool to help credit unions stay ahead of the game.

Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.

Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
  • Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.