
Malware In Documents Is Latest Hacker Trend

Written by etrepid | Apr 23, 2019 3:00:00 PM

Barracuda Networks has released a new Threat Spotlight.

One of the biggest threat trends of 2019 for businesses of all sizes is poisoned documents attached to emails.

The company analyzed more than 300,000 email samples collected over the past twelve months.

They discovered that the frequency of document-based malware attacks increased markedly during the first quarter of 2019, with nearly sixty percent of poisoned files taking the form of documents.

As Jonathan Tanner of Barracuda Networks put it:

"For the past couple of years, script files were a very popular attack method.  The percentage of these sort of files declined drastically, however, and was a significant source of the increase of documents as an infection method...

Documents are a natural evolution from script files, since the languages used are also the ones used for documents - namely VBScript and JavaScript.  The same attacks could be converted to the document-based ones with only slight modifications.  The script authors had already become very adept at obfuscation techniques, so these could contribute greatly to document-based malware where scripting is already more common and thus deeper inspection of the script itself is required."

The good news is that most antivirus software is quite good at detecting malicious files. Of course, the weakest link in the equation isn't detection software; it's users. In light of the evolving threat, education is more important than ever. To date, though, the majority of employees have been stubbornly resistant to educational measures designed to reduce the rate at which they click on and open documents received from untrusted or even unknown sources.

As a business owner, that will likely be one of your great challenges in the year ahead.  The more wary you can make your employees about opening files from people they don't know, the safer your network is bound to be.