Page 47 - Cyber Warnings August 2017
Criminals then hide malicious code in the structure of common office documents or an attached
functional element, such as a macro or JavaScript, along with socially engineered emails
designed to lure employees into enough clicks to trigger an instant ransomware attack or a
zero-day malware download.
Yet despite being the single largest cause of cyber breaches, file-based malware remains
largely misunderstood. And all too often, the downloaded malware will be unrecognizable to
antivirus software as it heads for an organization’s IT system to lock up data and demand a
ransom. Less than two percent of malicious PDFs contain ‘just’ an embedded file, while around
40 percent of Excel and 27 percent of Word malware have no macro or embedded file. This
means that organizations that rely on the identification of macros can easily miss malware in
related attachments, and any of these misses can give the attacker all they would ever need to
extort the target organization.
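The gap between a macro-only check and a structural inventory can be seen on two constructed files. The following is an added example, not code from the article or from Glasswall; it goes beyond the macro and embedded-file cases named above by also listing external relationship targets in an OOXML package, and the sample documents, names and `example.invalid` URLs are assumptions built inline.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

PKG_NS = "{http://schemas.openxmlformats.org/package/2006/relationships}"

def inventory(data: bytes) -> dict:
    """Inventory an OOXML package: macros, embedded objects, external targets."""
    found = {"macros": [], "embedded": [], "external": []}
    with zipfile.ZipFile(io.BytesIO(data)) as pkg:
        for name in pkg.namelist():
            low = name.lower()
            if low.endswith("vbaproject.bin"):
                found["macros"].append(name)
            elif "/embeddings/" in low or "/activex/" in low:
                found["embedded"].append(name)
            elif low.endswith(".rels"):
                raw = pkg.read(name)
                if b"<!DOCTYPE" in raw:  # OPC parts must not carry a DTD: report, do not parse
                    found["external"].append((name, "DTD present"))
                    continue
                for rel in ET.fromstring(raw).iter(PKG_NS + "Relationship"):
                    external = rel.get("TargetMode") == "External"
                    if external and not rel.get("Type", "").endswith("/hyperlink"):
                        found["external"].append((name, rel.get("Target")))
    return found

def macro_only_verdict(data: bytes) -> bool:
    """The narrow check the article warns about: flag only if a macro exists."""
    return bool(inventory(data)["macros"])

def build(parts: dict) -> bytes:
    """Build a constructed, inert sample package in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as pkg:
        for name, body in parts.items():
            pkg.writestr(name, body)
    return buf.getvalue()

# Constructed samples: placeholder bytes only, nothing executable.
RELS = ('<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">'
        '<Relationship Id="rId1" TargetMode="External" Target="https://example.invalid/obj"'
        ' Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/oleObject"/>'
        '<Relationship Id="rId2" TargetMode="External" Target="https://example.invalid/"'
        ' Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/hyperlink"/>'
        '</Relationships>')
WITH_MACRO = build({"word/document.xml": "<doc/>", "word/vbaProject.bin": b"\x00"})
NO_MACRO = build({"word/document.xml": "<doc/>", "word/_rels/document.xml.rels": RELS,
                  "word/embeddings/oleObject1.bin": b"\x00"})
```

The second sample passes the macro-only check yet still carries an embedded object and a non-hyperlink external target, which is the kind of attachment a macro filter lets through.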
But perhaps what’s most surprising is that spam campaigns like Necurs and others continue to
yield wild success by playing on the most easily exploitable attack vector in an organization –
the employee. Cybercriminals leverage this method time and time again simply because
employees continue to fall for the same tried-and-true social engineering tactics – they click
open attachments that appear to be from familiar people or companies. According to Glasswall
research, the vast majority (82%) of employees open email attachments if they appear to be
from a known contact, despite the prevalence of well-known sophisticated social engineering
attacks and security training. Of those, 44 percent consistently open these email attachments
every time they receive one.
However, unlike in years past, the level of sophistication in these socially engineered messages
is so high that most people – even those trained in security – are often hard pressed to
distinguish between what’s real and what’s fake.
Ransomware Detection an Increasing Challenge
It’s no secret that enterprises are bumping up against larger and more complex challenges
when protecting themselves from attack. One of the biggest and most daunting challenges they
face is acknowledging that standard security infrastructure in their environment is becoming
alarmingly less effective at combatting advanced threats. A recent Webroot report illustrated that
97 percent of malware is now unique to a specific endpoint, rendering signature-based security
Copyright © Cyber Defense Magazine, All rights reserved worldwide.