Rats in Your Walls
RAT attacks are a high profile cyber-threat. Remote Access Trojans (RATs) are a category of malware that make good on their acronym: just like a real life rodent scurrying through your walls, RATs have access to your private digital space—they are invisible intruders given access to your things. The difference is, while both scenarios are not ideal, a RAT is maliciously deployed for a variety of criminal purposes, and can lead to devastating data breaches, compromised accounts, and more. Indeed, a Remote Access Trojan titled Sakula was believed to be associated with the high profile OPM hack in 2015, which resulted in the compromise of biometric data belonging to millions of Americans.
While the specific nature of each individual Remote Access Trojan will vary, in general they all do what it says on the box. They sneak into a system via nefarious web links and email attachments, then create a backdoor on the victim’s device allowing a bad actor to gain access and monitor, browse, copy and control the computer as they wish. A RAT compromises your data, your privacy, and even your bandwidth—an infected device can give the attacker access to other network devices.
RATs have been around since at least the late 90s, and are historically an incredibly difficult cyber threat to detect and eliminate. But thankfully, new innovations in biometrics are helping change that.
The New Exterminators
Behavioral biometrics are in the process of going mainstream, specifically in the world of financial services. By way of creating user profiles based on their unique psychological, physiological, and behavioral traits, behavioral biometrics platforms can be used to persistently and frictionlessly authenticate users. These solutions run invisibly in the background while users go about their business on an equipped website, constantly comparing a user’s mouse movements, keystrokes and more to ensure it’s really them.
Of course, as with all authentication, the inverse is also true. Behavioral biometrics can detect when another person or a malicious bot is using your device. Initially, when the modality was in its nascent phases, this aspect was proposed as a human detection technology that could potentially replace clunky CAPTCHA images. But it also works wonders at dealing with a RAT infestation. As soon as a remote presence attempts to take over a device, behavioral biometrics systems can detect the absence of the user, and also the behavior associated with known cyber threats. In this way, a robust behavioral biometrics solution can immediately mitigate the damage done by a RAT attack.
While Remote Access Trojan detection is a clear and important use case for behavioral biometrics, especially in today’s landscape of high profile data breaches, there are other malware threats that can similarly be addressed silently and efficiently.
Mobile threats like the Gooligan family of malware are infecting smartphones, and there has been an alarming rise in the use of fileless malware against banks. Both scenarios present difficulties to traditional anti-virus software, and offer an opportunity for behavioral biometrics to shine, since rather than seeking out known threats, behavioral solutions constantly monitor how a device is being interacted with, whether it’s from the outside or the inside; by a human or a bot.
As a cyber-security solution, behavioral biometrics are elegant. Able to protect against a wide variety of threats while also providing convenient user experience in terms of authentication, behavioral biometrics are a reminder that when we talk about identity who we are matters as much as who—or what—we are not.
Stay posted to FindBiometrics throughout April as we continue to bring you featured coverage on the topic of behavioral biometrics. Register for our upcoming webinar on the topic, Continuous Identity: Why Behavioral Biometrics Are Going Mainstream. Be sure to follow us on Twitter so you don’t miss a thing.