There have been some truly horrifying cyber-security headlines popping up over the last month. If you’ve been reading about “fileless” malware attacking banks and other big-name institutions around the world, we’re here to set the record straight: It is unlikely your organization is in direct danger. But even if you’re not at risk at this time, staying abreast of all the details is still worthwhile.
What is this new threat?
To oversimplify the matter, fileless malware is stored somewhere other than a hard drive. For example, with some incredibly talented programming, a piece of malware could be stored in your Random Access Memory (RAM).
RAM is a type of temporary memory used by applications that are running, which means today's antivirus software never scans it on account of its temporary nature. This makes fileless malware incredibly hard to detect.
This isn’t the first time it’s been detected
Industry-leading cyber-security firm Kaspersky Lab first discovered a type of fileless malware on its very own network almost two years ago. The final verdict was that it originated from the Stuxnet strain of state-sponsored cyber-warfare. The high level of sophistication and government funding meant fileless malware was virtually nonexistent until the beginning of 2017.
Where is it now?
Apparently being infected by this strain of malware makes you an expert, because Kaspersky Lab was the group that uncovered over 140 infections across 40 different countries. Almost every instance of the fileless malware was found in financial institutions and worked towards obtaining login credentials. In the worst cases, infections had already gleaned enough information to allow cyber-attackers to withdraw undisclosed sums of cash from ATMs.
Am I at risk?
It is extremely unlikely your business would have been targeted in the earliest stages of this particular strain of malware. Whoever created this program is after cold hard cash. Not ransoms, not valuable data, and not destruction. Unless your network directly handles the transfer of cash assets, you’re fine.
If you want to be extra careful, employ solutions that analyze trends in behavior. When hackers acquire login information, they usually test it out at odd hours and any intrusion prevention system should be able to recognize the attempt as dubious.
Should I worry about the future?
The answer is a bit of a mixed bag. Cyber-security requires constant attention and education, but it’s not something you can just jump into. What you should do is consider working with an experienced IT services provider -- like us. Call today to get started.