What is file-borne malware?

Ransomware wreaked havoc last year, and unfortunately, we can expect more of the same. In fact, experts believe that the criminal enterprise will take cybercrime to a whole new level using file-borne malware in the months ahead.

According to SonicWall Capture Labs,  there were 2.5 billion malware attacks in just the first half of 2021. This was actually good news as it came down from 3.2 billion in 2020, a decrease of 22%. When you consider the fact that malware attacks peaked at 10.5 billion in 2018, that is a significant improvement that we can all celebrate.

Well, not just yet!

When you consider the high-profile attacks like the Colonial Pipeline, Kaseya, JBS, and more, we can’t afford to let our guard down. Cyber criminal gangs like BlackMatter, DarkSide, and REvil never give up, and neither should we. 

The truth is that hackers haven’t actually given up on cybercrime. Instead, they have learned from their experiences and developed new techniques. After all, traditional “Hail Mary” attacks were only going to work for a short period of time before the “good guys” figured out how to protect themselves.

While the days of “spray-and-pray” techniques may be over, the “bad guys” are still in business. They no longer send low-level viruses and hope it sticks on some network. Instead, they thoroughly research their targets and develop highly specialized malicious code that is most likely to have the highest impact.

File-borne malware defined

File-borne malware is a type of malware hidden in malicious code, malicious macros, malicious content within standard files, or unsecure hyperlinks. It’s incredibly effective as users are constantly uploading, downloading, opening, editing, and receiving many types of files every day.

Most won’t think that it might be compromised before opening it. Instead, they are either unaware or dismissive of threats posed by files downloaded from different online sources. Sometimes, social engineering tactics also trick people into opening these malicious files.

So, it’s no surprise that over a quarter million new malware variants were discovered in 2020. Often deployed in zero-day attacks, this type of malware can do some severe damage to your business and, of course, your bank account.

Expect social engineering attacks to rise

As file-borne malware becomes the go-to technique hackers use to breach enterprise infrastructure, you can expect to see a rise in phishing emails. Phishing campaigns are designed to fool staff by pretending to come from a legitimate source. The goal here is to get one of your employees to click a link or download a file to breach your system, gain access to sensitive company data, and of course, hold the company to ransom.

As humans continue to maintain their place as the weakest link in the security chain, you can bet that some of these attacks will be successful. It gives us great cause for concern as one unsuspecting employee can unleash hidden malware and take the whole company down.

Research suggests that as much as 74% of companies experienced malware activity where it spread from one employee’s device to another last year. The reason behind this is probably distracted staff working from home or the increasingly growing sophistication of social engineering attacks.

We are all live targets

As the payoff is often significant, hackers are highly motivated. If they can’t get the business to pay the ransom, they can sell it on the dark web to the highest bidder. If that’s not possible, they can always take pleasure in releasing the data and destroying a brand’s reputation.

The bad news is that it’s not difficult to initiate a file-borne attack. Just about anyone can embed malicious code into files, we use daily, including Microsoft Office files, PDFs, and more. Even worse, file-borne malware is tough to detect, and traditional antivirus solutions fail to identify them.

File-borne malware can also become a fresh new threat by slightly tweaking the known malware signature. So, companies must invest in cybersecurity protocols, encryption, security awareness programs, engage ethical hackers, and cloud security services.

In the current threat landscape, it’s best to approach the future like we’re all live targets. Stay alert!

nach oben