Malware-Free Cyber Attacks on the Rise
Most online attacks don't involve malware, according to newly published figures. It's the first time "fileless techniques" have been in the majority.
The figures come from an annual report by security company CrowdStrike. It says it analyzed its own customer data along with that from investigations into known attackers and data from reported incidents.
According to the report, malware-free attacks made up 51 percent of the total during 2019, up from 40 percent the previous year. The tactics were particularly prevalent in North America, making up 74 percent of attacks. (Source: zdnet.com)
As always with computer security, how you define terms matters the most. CrowdStrike's definition was that malware involves files being written to an attacked machine's disk. That includes familiar attacks such as remotely installing rogue files and software after exploiting a security flaw, or tricking the user into downloading or opening a malicious file.
Stolen Passwords Pay Off
The malware-free attacks cover a range of tactics but the most common are altering data in a computer's memory, or simply using stolen details to remotely log in to a computer or server.
Naturally CrowdStrike presents these claims in the context of its own security products. It says the main takeaway is that people and businesses shouldn't simply rely on traditional antivirus tools that scan files, either on a schedule or in real-time.
Social Engineering: Remote Access and Indian Scammers
Oftentimes the threat is social engineering. An example might be a red screen virus alert that claims the computer is infected and tells the user to call a 1-800 number to "fix the problem." Searching Google for "i let someone remotely access my computer" or "i gave someone remote access to my computer" will yield countless examples of people who let Indian tech support scammers posing as Microsoft into their machines; the scammers in turn charge exorbitant fees to fix problems that don't exist. In this case, antivirus and a firewall won't help.
Instead, today's threats require more emphasis on behavioral analysis: in other words, security tools learning to look for suspicious activity - though this is especially difficult in social engineering cases.
Ransomware Targets Public Bodies
The report also suggests two other very different trends in attacks. The first is ransomware operators deliberately targeting public bodies such as schools and local governments. The logic seems to be that such victims are less likely to be well-funded enough to deal with attacks, but have a public duty to quickly restore compromised services. That increases the chances they'll pay ransoms.
Contrastingly, attackers working for or backed by nation states are carrying out more sophisticated attacks as well as widening their goals from espionage to actively causing disruption. (Source: crowdstrike.com)
What's Your Opinion?
Do you understand how your chosen security tools work and what threats they target? Do you think ordinary citizens should worry about these developments? Do you think security companies will be able to catch up with attackers or will they always be a step behind?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website!
Comments
Education is the key.
People need to be aware of what companies will and won't do. Microsoft isn't going to reach out to you because they found something anomalous with your machine. An antivirus company isn't going to automatically scan your machine via the web and tell you that you have malware. Not one single service should ever be asking for your password via email. Ordinary citizens should definitely be concerned about scare tactics and phishing. Sites like this one are great for that sort of education. Ignorance can be dangerous.
Defining your terms?
<snip>
It's the first time "fileless techniques" have been in the majority.
</snip>
and
<snip>
CrowdStrike's definition was that malware involves files being written to an attacked machine's disk. That includes familiar attacks such as remotely installing rogue files and software after exploiting a security flaw, or tricking the user into downloading or opening a malicious file.
</snip>
???
How is this "fileless"? You/they are saying files are being saved to the local drive? How is this different than a "normal" malware attack?
Similar to "Astaroth" malware
We've covered the idea of fileless attacks with regard to the Astaroth malware. Please read this article as well as my comments which should help to explain what you're asking.