A new malware attack, that’s being called fileless malware, has recently fooled the defenses of dozens of banks around the world.
Anti-malware software searches hard drives for malicious files and flags them for removal. But so-called fileless malware avoids software detection by not depending on hard drives files to run.
In February, research released by Kaspersky Lab found that fileless malware infected more than 140 financial institutions, government organizations, and telecom companies across 40 countries.
“I would say this is becoming more of a checkbox for attackers’ toolkits,” Greg Linares, a security researcher who specializes in threat intelligence told Wired.
With increasing awareness organizations should look to take different preemptive measures.
“Security teams could monitor for the unexpected creation of services on their systems, watch for unexpected tunneling traffic within their network, attempt to observe outbound traffic, and disable the use of PowerShell on their networks if it is unused,” said Kurt Baumgartner, a principal security researcher at Kaspersky Lab.
It is possible to mitigate the threat, however many organizations aren’t even focused on spotting it in the first place.
Read more at wired.com.
Chivaroli and Associates Insurance Services is a full-service brokerage firm specializing in the custom-design and placement of insurance and alternative risk funding solutions for your healthcare organization.