There are more cyber-attacks occurring across the globe than ever before. While estimates of a 15% to 20% increase year on year for cyber-crime might not seem vast, that number is global and affects millions of PC’s, devices, and endpoints eg routers, servers, etc.
Now hackers have developed a new threat, a file-less attack. This new attack is becoming a hot favourite within the hacking community because it can go undetected through anti-virus software and corporate firewalls.
File-less attacks are cunning in their method of evading virtually every security firewall within corporate networks by having no malware within their programming.
All the hacker has to do is gain entry to the weak software within your system and infiltrate the source code. Once they have access to your system, they can embed code that can disrupt, capture or delete key information without leaving a footprint.
Without any malicious files, which would get detected by anti-virus software, a hacker can control operating system tools such as PowerShell or Windows Management Instrumentation and execute commands and controls at their leisure.
Those companies at the highest risk of attack are those using legacy operating systems, anti-virus or firewalls which haven’t been managed well or are at the end of their life. As systems become end of life and the manufacturers of the software stop issuing patches for that specific operating system, your business becomes a target for any hacker from any part of the globe.
One of the solutions that businesses are adopting is perimeter security to protect themselves from cyber-attacks which can decrease the affect of any attacks. The issue with perimeter security is they rely on some form of program or .exe file being used to penetrate the system.
Investment in end-to-end encryption, two-factor authentication and installing the latest software upgrades will help eradicate any vulnerable areas within a business network.
With a distinct lack of knowledge around file-less attacks, it may be we have to wait for another attack like WannaCry for businesses to be spurred into investing in the latest security, next generation firewalls and systems upgrades.
If you’re concerned about your security and protecting your data, contact our team and find how we can help you shield your business from this latest threat.