Photo courtesy Charlie Round-Turner show photo

Blogs and News

17th Jul 2017

Fileless Malware – A New Business Cyberthreat

Dangers for businesses from hackers

Most people know not to click on attachments sent to them in emails from people or businesses they've never heard of. It is well-understood that if you download files from dodgy sites there may be a payload of malware inside too, as a little bonus. Mostly this is annoying apps that redirect your searches or show rubbishy adverts. Irritating, but not actually harmful. Of course, if you are unlucky, your computers might be infected with ransomware, which could encrypt your files and demand payment to decrypt them.


The lesson of that is always to have regular backups so you can restore your files. Even if you pay the ransom, there's no guarantee that the cyber criminals will actually let you have the key to get your files back.


Unfortunately there is a new threat emerging: fileless malware, that is attacks on your computers and networks that do not involve opening an attachment or downloading files. These attacks involve finding vulnerabilities in the computer system and exploiting these to plant viruses in the system. As virus protection has got better, so the criminals and hackers have to up their game to find new avenues to attack computers and networks.

The cyber criminals can


  • create new malware that could infect systems without triggering traditional detection mechanisms, like anti-virus

  • profit from wildly successful fileless malware infections by spreading new malware

  • run one-time info-stealing malware to gather information about an infected PC before infecting it with additional malware

  • move the malware to the Windows registry to make it more difficult to find

  • employ sophisticated, flexible and even modular cyber attacks to find and manipulate vulnerabilities faster

  • use the undetected software flaws or vulnerabilities to compromise a huge number of computers

  • make fast and easy money by infecting machines with ransomware.

There is no need to panic, however. It is not easy to accomplish these attacks, particularly if all software is up to date. However this can be a weakness as people often do not update software regularly to keep security patches active.


For example, fileless malware can use vulnerabilities in outdated flash plugins to infect a computer's browser and then attack the computer that is running it.


The best way to negate fileless malware is to stop it before it happens


Level 1: apply security updates for your applications and operating system.


Level 2: block the pages hosting the malware, with an active security application


Level 3: block the malware delivery with the same application


Level 4: block the communication between your PC and the attackers’ servers: this will mean that the attackers won't be able to exploit the infection, even if they have placed it on your computers.


In Conclusion


Business and home users need to keep their protection up to date. They also would be wise to invest in an application which is able to negate these potential threats as an ounce of preparation is worth a ton of regret afterwards and cheaper too.


More information: https://www.mcafee.com/mx/resources/solution-briefs/sb-quarterly-threats-nov-2015-1.pdf


Author: This article was written by Julian Jackson, Wandsworth Chamber of Commerce's resident blogger and copywriter - www.julianjackson.co.uk  https://julianj.journoportfolio.com

1_84_Patron_Email_Block_v_14.jpg