Macro-less Word Document Attacks on the Rise and Zero Day Malware Variants Jump 167 Percent.

Position:Security News and Products
 
FREE EXCERPT

WatchGuard Launches Threat Landscape visualisation tool to better understand security threats.

Total malware attacks are up by 33 percent and cyber criminals are increasingly leveraging Microsoft Office documents to trick victims and deliver malicious payloads, according to the latest Internet Security Report from WatchGuard Technologies, based on global threat intelligence data from nearly 40,000 Firebox appliances.

WatchGuard has also launched a new Threat Landscape data visualisation tool, giving public access to daily updates about the most prevalent computer and network security threats affecting SMBs and distributed enterprises.

Dynamic Data Exchange (DDE) attacks topped WatchGuard's top-ten malware list as hackers increasingly exploited issues within the Microsoft Office standard to execute code. Also called 'macro-less malware', these malicious documents often use PowerShell and obfuscated script to get past network defences. Additionally, two of the top-ten network attacks involved Microsoft Office exploits, further emphasising the growing trend of malicious document attacks.

Overall, malware attacks grew significantly, while zero day malware variants jumped 167 percent. WatchGuard Fireboxes blocked over 30 million malware variants in Q4 2017, which was a 33 percent increase over the previous quarter. Out of the total threats prevented, the subset of new or zero day malware instances rose steeply by 167 percent, compared to the previous quarter. These increases can likely be attributed to heightened criminal activity during the holiday season.

"After a full year of collecting and analysing Firebox Feed data, we can clearly see that cyber criminals are continuing to leverage sophisticated, evasive attacks and resourceful malware delivery schemes to steal valuable data," said Corey Nachreiner, chief technology officer at WatchGuard Technologies. "Although these criminal tactics may vary over time, we can be certain that this broad trend will persist, so the risks have never been greater for small and midsize organisations with less IT and security resources. We encourage businesses of all sizes to proactively mitigate these threats with layered security services, advanced malware protection and employee education and training in security best practices."

The report also shows that nearly half of all malware detected eluded basic antivirus (AV) solutions. WatchGuard Fireboxes block malware using both legacy...

To continue reading

REQUEST YOUR TRIAL