Companies who have relied on virus detection and anti-malware software to provide sufficient cybersecurity now have to look for new approaches. In May 2017, cybersecurity experts found “fileless malware” on the networks of over one hundred forty different banks. Fileless malware first gained some degree of public notoriety when security firm Kaspersky Labs detected a breach in its own networks - hackers using sophisticated techniques to spy on the companies trying to stop them. Since then it has grown to encompass approximately 15% of known cyber attacks.
How Fileless Malware Avoids Detection
Traditional anti-malware software scans computer files for known threats. It then either flags a suspicious file or deletes it. However, this technique has a number of holes. "Hackers have discovered techniques to hide malicious code in parts of a computer system not scanned by most virus detection techniques", says Charlie E. Bernier Principal Consultant and Cyber Insurance Expert at ECBM.
Typically, fileless malware comes in three distinct types: the first hides itself in the computer’s random access memory (RAM) awaiting execution, the second hides itself in application programming interfaces, while the third uses the Windows Registry to hide from anti-malware scanners.
Software Solutions Are Not Enough
Because fileless malware avoids traditional techniques so effectively, companies need to find and focus on more than malware scanning for their cybersecurity. While some scanners have started attempting to detect malware based off system behavior rather than file scanning, ultimately cybersecurity still rests in the hands of users. A user needs to click on an infected email attachment or visit an insecure website for fileless malware to make its way onto a computer or a network. Training users to resist these techniques is the best way to protect a system against fileless malware.
Read More: Do This Now To Improve Cybersecurity For Your Business in 2017
Employees Need To Know What To Look For To Keep An Eye On Suspicous Activity On Your Computers And Network
The recent finding of fileless malware in the systems of over one hundred forty banks will only increase awareness of the need to train employees against and monitor for this type of intrusion. The findings found in the infiltration of banks on a global scale, with twenty one of the one hundred and forty being based in the United States and seven in the United Kingdom. Hackers used the malware to siphon money out of automatic teller machines and also to hunt for high level passwords.
Read More: Businesses Wannacry After Companies Hacked Globally
Don't Miss Opportunities For Training Staff For Cybersecurity Success
Preventing this type of attack from affecting your own systems and from there the systems of your partners, vendors, and customers involves a few important steps.
First, employees need to be trained to spot and avoid suspicious websites and suspicious emails.
Second, companies need to ensure that everything on their systems remains as up to date as possible. Keeping up to date with software and operating system patches can prevent up to 85% of malware attacks, including fileless ones.
Third, companies should look at switching to malware protection that focuses on monitoring and stopping suspicious activity into and out of network rather than looking for file signatures.
Cyber Risk continues to be an area of growing and necessary concern for companies. Companies will have to stay on top of and ahead of new risks to mitigate against cyber risk and avoid liabilities from system breaches.