Traditional, run-of-the-mill malware usually makes its way onto a victim’s computer via the download of an infected file. However, that’s not always the case. Fileless malware attacks use tools that are already on your computer to carry out attacks. Here’s what you need to know.
What is Fileless Malware?
Fileless malware is a type of malware that leverages applications already installed on a computer to wreak havoc.
These attacks often begin with a user-initiated action, like clicking an advertisement or an infected link. Then, the malware forces software that is already on the user’s computer, like Adobe Flash, to carry out an attack script. In other words, fileless malware turns safe applications dangerous.
How Big of a Threat is Fileless Malware?
The Ponemon Institute conducted a study that determined fileless malware was responsible for 29 percent of all cyber attacks in 2017 and 35 percent in 2018.
Most forms of fileless malware move laterally across your organization’s network, meaning they spread to other computers. This type of malware collects data from your Microsoft Office files and web browsers, and slows down computers in the process.
However, fileless ransomware, which holds your files hostage and demands a cash ransom, also exists. Although it’s relatively uncommon, security experts believe it’s only a matter of time until such attacks start occurring frequently.
How to Defend Against Fileless Software Attacks
The best way to defend against fileless software attacks is to keep your software up-to-date at all times. Most software updates issued by companies like Microsoft address security vulnerabilities, so the more up-to-date your software is, the safer it is.
Disable Certain Software
Microsoft PowerShell, which is a scripting environment for network administrators, and Windows Management Instrumentation, which controls software and hardware on your network, are highly vulnerable to fileless malware. If you don’t use them, consider disabling them.
Many antivirus products cannot detect fileless malware. It’s recommended that you augment your cyber security system with a behavior monitoring solution that identifies suspicious activity on your network so action can be taken to address it.
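One way a behavior monitoring rule of the kind recommended above can work, shown as an added example that is not from the original post: it scores process-creation events in which PowerShell or WMIC is started by an Office app or browser, or is run with hidden or encoded options. The event fields, application lists, weights and sample events are assumptions constructed for illustration.

```python
import re

# Everyday applications the post names as entry points (browsers, Office); list is an assumption.
USER_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe",
             "chrome.exe", "firefox.exe", "msedge.exe", "iexplore.exe"}
# Built-in tools the post singles out: PowerShell and the WMI command line.
ADMIN_TOOLS = {"powershell.exe", "pwsh.exe", "wmic.exe"}
# Command-line traits (assumed heuristics) that suggest a script supplied inline, not from a file.
TRAITS = {
    "encoded_command": re.compile(r"\s-(e|ec|enc|encodedcommand)\s", re.I),
    "hidden_window": re.compile(r"-w(indowstyle)?\s+hidden", re.I),
    "no_profile": re.compile(r"-nop(rofile)?\b", re.I),
}
SAMPLE_EVENTS = [  # constructed for illustration, not captured from a real host
    {"host": "WS-01", "parent": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": "powershell.exe -NoProfile -WindowStyle Hidden -EncodedCommand <constructed-placeholder>"},
    {"host": "WS-02", "parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": "powershell.exe -File C:\\Scripts\\inventory.ps1"},
    {"host": "WS-03", "parent": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "image": r"C:\Windows\System32\wbem\WMIC.exe", "cmdline": "wmic os get caption"},
]

def basename(path):
    """Lower-cased file name from a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def score_event(event):
    """Return (score, reasons): 2 points for a user-app parent, 1 per command-line trait."""
    parent, image = basename(event["parent"]), basename(event["image"])
    if image not in ADMIN_TOOLS:
        return 0, []
    score, reasons = 0, []
    if parent in USER_APPS:
        score += 2
        reasons.append(f"{image} started by {parent}")
    for name, pattern in TRAITS.items():
        if pattern.search(event["cmdline"]):
            score += 1
            reasons.append(name)
    return score, reasons

def triage(events, threshold=2):
    """Return (host, score, reasons) for events at or above threshold, highest score first."""
    hits = [(e["host"], *score_event(e)) for e in events]
    return sorted((h for h in hits if h[1] >= threshold), key=lambda h: -h[1])

if __name__ == "__main__":
    for host, score, reasons in triage(SAMPLE_EVENTS):
        print(host, score, "; ".join(reasons))
```

The administrator running a script file from the desktop shell (WS-02) scores zero, which is why the rule keys on the parent application and the launch options rather than on PowerShell use alone.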
Avoid Suspicious Links
We’ve said this in just about every cyber security blog we’ve ever written, but since it’s so important, we’ll keep beating a dead horse. Do not click on any suspicious, unsolicited links you receive. Just a click can infect your entire network with ransomware.
Fileless ransomware attacks are a bit more stealthy than traditional ransomware, but they’re certainly not impossible to avoid.