Fileless Malware, Ransomware Big Concerns for Businesses

Ransomware and fileless malware attacks pose massive threats to organizations, prompting the need for a more forward-thinking strategy.

That’s according to Panda Security‘s Threat Insights Report 2020. It highlights data compiled by PandaLabs, the company’s antimalware laboratory and security operations center (SOC).

Panda detected nearly 15 million malware events in 2019. It stopped 7.9 million potentially unwanted programs (PUPs).

It also stopped 76,000 exploits attempting to take advantage of vulnerabilities in applications, networks or hardware.

Panda Security’s Rui Lopes

Rui Lopes is Panda’s director of sales and engineering support. He says to tackle these threats, cybersecurity providers need to arm themselves with next-generation endpoint security. It uses multiple layers of technology to combat threats that are varied in their methods, attack vectors and complexity.

“The future of cybersecurity lies not in a single method of protection, but instead in a combination of effective, proven layers of security technology and advanced, forward-thinking solutions,” Lopes said. “This approach is the most efficient and effective way to proactively secure endpoints against threats known and unknown.

As threats become increasingly complex in 2020, IT providers need a cybersecurity solution that’s consistently one step ahead of the hackers, Lopes said.

Persistent Threats

Ransomware is still persistent. A single click can paralyze an entire network, doing away with security controls and backups to make a big impact in a short amount of time. Any organization can fall victim to ransomware, Panda said.

Fileless malware attacks are more difficult to detect. That makes it easier for cybercriminals to launch a stealth attack.

Cybercriminals are changing how they attack, and their strategies no longer need a specific file to break into a network, according to the report.

Proactive threat hunting is essential to recognize abnormal and malicious behaviors that exploit trusted applications, it said.

The report also found cybercriminals are ultimately after three things:

• Using ransomware to extort money.
• Stealing data to sell on the dark web.
• Control of infrastructure to sell to nation-states, political groups, paramilitary factions and more.

“While the findings and data in the report speak for themselves, it’s important that IT professionals carefully read it so they can defend themselves for the threats they face today and prepare their cybersecurity offerings for the dangers coming in the months and years to come,” Lopes said.