Fileless malware attacks are almost 10 times more likely to succeed in infecting a machine than file-based attacks, according to a new report from the Ponemon Institute sponsored by security firm Barkly.
These attacks use a system's own trusted files and services to gain access to devices while evading detection. A fileless malware attack may be paired with other malware types to deliver multiple payloads.
Nearly 70% of the 665 IT and security leaders surveyed said that the endpoint security risk to their organization has "significantly increased" in the past 12 months. Some 54% of companies have experienced a successful attack, the survey found, with 77% of those attacks using exploits or fileless techniques.
IT and security leaders estimated that 29% of the attacks they faced in 2017 were fileless attacks—up from 20% in 2016. The proportion will likely continue to rise next year, respondents predicted, with fileless attacks estimated to make up 35% of all attacks in 2018.
"This survey reveals that ignoring the growing threat of fileless attacks could be costly for organizations," Larry Ponemon, chairman and founder of Ponemon Institute, said in a press release. "The cost of endpoint attacks in the companies represented in this study could be as much as $5 million, making an enterprise-wide endpoint security strategy more important than ever."
Ransomware also continues to wreak havoc on many businesses, with more than half of the organizations surveyed reporting that they experienced one or more ransomware attacks in 2017. Of those, 40% said they experienced multiple ransomware attacks. Some 65% of organizations hit reported that they paid the attackers, with the average ransom payment hitting $3,675.
To address the rising threat of fileless malware, more than 50% of companies surveyed said they have looked to replace or augment their existing endpoint security with new tools. However, IT and security leaders cited problems with protection gaps, high false positive rates, and complex management in many new solutions.
Here are five tips to avoid fileless malware infections, from TechRepublic's Jesus Vigo:
1. Restrict unnecessary scripting languages
2. Disable macros and digitally sign trusted macros
3. Monitor security appliance logs for unauthorized traffic
4. Implement endpoint security with active monitoring
5. Perform patch management across all devices
Want to use this data in your next business presentation? Feel free to copy and paste these top takeaways into your next slideshow.
- Fileless malware attacks are almost 10 times more likely to succeed in infecting a machine than file-based attacks. -Ponemon Institute and Barkly, 2017
- IT and security leaders estimated that 29% of the attacks they faced in 2017 were fileless attacks, compared to 20% in 2016. -Ponemon Institute and Barkly, 2017
- More than half of organizations reported experiencing one or more ransomware attacks in 2017, paying an average ransom of $3,675. -Ponemon Institute and Barkly, 2017
Alison DeNisco Rayome is a Staff Writer for TechRepublic. She covers CXO, cybersecurity, and the convergence of tech and the workplace.