UPDATED 00:01 EDT / MARCH 28 2018

Report finds ‘macroless’ Word malware attacks are surging in popularity

Macroless Word document malware attacks are surging in popularity among hackers, according to a new security report from WatchGuard Technologies Inc.

The Internet Security Report for Q4 2017, based on data gathered from WatchGuard Firebox appliances protecting small and midsized businesses, found that malware attacks jumped 33 percent in the quarter. Cybercriminals are increasingly leveraging Microsoft Office documents to deliver malicious payloads.

Those Office-based hacks, in which cybercriminals use Dynamic Data Exchange attacks designed to trick users into clicking them, entered WatchGuard’s top 10 malware list in the fourth quarter for the first time. The attacks employ malicious documents, often using PowerShell and obfuscated script to get past network defenses.

“After a full year of collecting and analyzing Firebox Feed data, we can clearly see that cybercriminals are continuing to leverage sophisticated, evasive attacks and resourceful malware delivery schemes to steal valuable data,” Corey Nachreiner, chief technology officer at WatchGuard, said in a statement. “Although these criminal tactics may vary over time, we can be certain that this broad trend will persist, so the risks have never been greater for small and midsize organizations with less IT and security resources.”

Other takeaways from the report included continued growth in malware. WatchGuard said it blocked more than 30 million malware variants in the quarter, with a new subset of zero-day or not-yet-discovered malware instances climbing 167 percent. The increase was attributed to heightened criminal activity during the holiday season.

Nearly half of all malware attacks managed to elude basic antivirus software. WatchGuard has a dog in this hunt, since its Fireboxes are intended to provide network protection to catch malware at the point of attack.

Scripting attacks accounted for 48 percent of the top malware in the quarter, with JavaScript and Visual Basic Script threats once again remaining the most popular forms of scripting attack.

Image: antonescurazvan/Flickr
