Virtual Inoculation: The New Digital Vaccine

In the medical field, inoculation means giving a person or animal a weakened dose of a disease in order to make them immune to the actual disease. This concept is now being applied in the cyber security space. Some cyber security researchers have found ways to place a small piece of malware on a machine so that when the malware tries to infect the machine, it sees that the machine is already infected and terminates the action.

One example is the Petya ransomware: a security researcher named Amit Serper discovered a way to vaccinate machines against it. He noticed that when the ransomware infects a device, it searches for a file called “perfc.dl”. If it cannot find the file, it locks the computer and demands payment. If it locates the file, the ransomware doesn’t take effect. Using this information, Amit Serper was able to effectively “vaccinate” computers against the ransomware by proactively placing an empty file on the machine.

The idea of virtual inoculation can be very useful for companies, particularly those that have problems regularly upgrading software because of legacy systems. An Internet Security Report by WatchGuard found that only 30% of malware attacks are zero-day exploits, that is, malware that has no antivirus solution. Despite solutions being available for over two thirds of the malware in existence, many companies are still vulnerable because of an inability or reluctance to stay up to date with their patching. Updating software can affect business operations when the update is incompatible with other IT elements in the production environment, which causes many companies to avoid installing the latest updates. Virtual inoculation has the potential to be a great compromise for these companies by providing malware protection without impacting business operations.

I think it shows a great level of creativity among security researchers to take a concept used in biology and find a way to incorporate it into cyber security.
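A defender-side sketch of the vaccination step described above, as an added example that is not from the original article or from Amit Serper: it idempotently places the empty marker file, makes it read-only, and audits for drift so the result can be checked across a fleet. The target directory is a parameter because the article does not name one; the function names and status strings are hypothetical.

```python
import os
import stat
import tempfile
from pathlib import Path

MARKER_NAME = "perfc.dl"   # file name as given in the article
WRITE_BITS = stat.S_IWUSR | stat.S_IWGRP | stat.S_IWOTH

def audit_marker(directory):
    """Classify the marker's state in `directory` (hypothetical status strings)."""
    path = Path(directory) / MARKER_NAME
    if not os.path.lexists(path):
        return "missing"
    if path.is_symlink() or not path.is_file():
        return "not_a_file"            # directory, symlink, device: needs review
    info = path.stat()
    if info.st_size != 0:
        return "unexpected_content"    # something wrote into the marker
    if info.st_mode & WRITE_BITS:
        return "writable"              # marker can still be modified in place
    return "ok"

def ensure_marker(directory):
    """Idempotently place an empty, read-only marker. Returns (before, after)."""
    path = Path(directory) / MARKER_NAME
    before = audit_marker(directory)
    if before == "missing":
        # O_EXCL: never overwrite or follow something that appeared meanwhile.
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o444)
        os.close(fd)
        os.chmod(path, 0o444)          # also sets the read-only attribute on Windows
    elif before == "writable":
        os.chmod(path, 0o444)
    # "not_a_file" and "unexpected_content" are left untouched for manual review.
    return before, audit_marker(directory)

if __name__ == "__main__":
    # Constructed demo: a temporary directory stands in for the real target.
    with tempfile.TemporaryDirectory() as target:
        print(ensure_marker(target))   # first run places the marker
        print(ensure_marker(target))   # second run changes nothing
```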