Fileless malware: who are the targets?

Security

Business owners have spent the last couple months fearful of cyber attacks from the “fileless malware” plastered across headlines. The reality of this new threat doesn’t actually call for panic…yet. Getting acquainted with this new malware today could save you from a headache in the future.

What is this new threat?

To oversimplify the matter, fileless malware is stored somewhere other than a hard drive. For example, with some incredibly talented programming, a piece of malware could be stored in your Random Access Memory (RAM).

RAM is a type of temporary memory used only by applications that are running, which means antivirus software never scans it on account of its temporary nature. This makes fileless malware incredibly hard to detect.

This isn’t the first time it’s been detected

Industry-leading cyber security firm Kaspersky Lab first discovered a type of fileless malware on its very own network almost two years ago. The final verdict was that it originated from the Stuxnet strain of state-sponsored cyber warfare. The high level of sophistication and government funding meant fileless malware was virtually nonexistent until the beginning of 2017.

Where is it now?

Apparently being infected by this strain of malware makes you an expert because Kaspersky Lab was the group that uncovered over 140 infections across 40 different countries. Almost every instance of the fileless malware was found in financial institutions and worked towards obtaining login credentials. In the worst cases, infections had already gleaned enough information to allow cyber attackers to withdraw undisclosed sums of cash from ATMs.

Am I at risk?

It is extremely unlikely your business would have been targeted in the earliest stages of this particular strain of malware. Whoever created this program is after cold hard cash. Not ransoms, not valuable data, and not destruction. Unless your network directly handles the transfer of cash assets, you’re fine.

If you want to be extra careful, employ solutions that analyze trends in behavior. When hackers acquire login information, they usually test it out at odd hours and any intrusion prevention system should be able to recognize the attempt as dubious.

Should I worry about the future?

The answer is a bit of a mixed bag. Cybersecurity requires constant attention and education, but it’s not something you can just jump into. What you should do is hire a managed services provider that promises 24/7 network monitoring and up-to-the-minute patches and software updates — like us. Call today to get started.

Published with permission from TechAdvisory.org.

Previous Blogs

Benefits of a Privately Hosted Exchange Server

Benefits of a Privately Hosted Exchange Server

When clients decide that it’s time to retire their aging, on-premise Exchange servers, questions often come up on where to go with their next Exchange server.  With few exceptions, the answer is the cloud due to uptime requirements for email flow and minimal cost...

read more
Data Center Upgrade and Move Announcement

Data Center Upgrade and Move Announcement

Russell Technologies has exciting news to share. We are upgrading and moving our primary data center in St. Louis, moving it from 210 N Tucker to 710 N Tucker. After almost 6 years in 210 N Tucker, this was not a decision that we made easily, but the move gives us...

read more
Security policies for your business

Security policies for your business

Businesses rarely address cybersecurity in their company policies. With cybercrimes becoming more prevalent, it’s important you inform staff about the threats they could be exposed to. Make sure your business and employees are safe with these security policies. Internet In today’s business world, employees spend a lot of time on the internet. To ensure they’re […]

read more