Document Based Malware & Socially Engineered Attacks – A Growing Online Threat to Your Business?


We all know about the security threats that we face from opening email attachments but is everybody in your organisation up to speed with how to avoid threats caused by document based malware and socially engineered attacks?

Malware Embedded in Document Files

James Lyne, global head of security research at the security firm Sophos, recently outlined some of the latest online threats at the RSA Conference in San Francisco.

James highlighted a recent Sophos survey that showed that although only 0.5% of the 200 participants would open an email attachment, 70% would click on a Web link and 98.5% would open a document file. The big risk highlighted here is that malware (a broad term that includes viruses) can be embedded in a document file (a file that we appear to trust) which could then be used to launch an attack.

Social Engineering

Spoofed emails supposedly from friends that are accompanied by malicious documents, an example of ‘social engineering’ methods, were also highlighted as an increasing threat.

The Goal – Data Destruction?

Mr Lyne also highlighted the increase in destructive document based malware.  Opening a document with malware known as CyCoomer inside could mean that all of the files on your computer and network connected drives are deleted!

Mr Lyne also pointed out that many cyber criminals now appear to be able to technically outperform those who are trying to stop them.

What Can You Do To Protect Your Company?

In addition to simply opting for some good antivirus software, there are a number of measures that you can take to protect your company from the latest wave of ‘human angle’ cyber crime:

  • Education and training.  Make sure that everyone in your company knows how to spot and avoid threats like document based malware, particularly since social engineering methods that rely upon human error are now so popular. Employees who know the risks will be able to rely less on technology and will be in a better position to protect your company should any of the technology fail (as often happens).
  • Get the latest software updates. The most up to date software will have some defence against known attacks.
  • Update security practices. Simple measures like using longer passwords are helpful. Poor patching practices and using unknown free Wi-Fi hotspots without using a VPN could leave your company open to serious security risks.
  • Choose your browser carefully. Your browser should be your first line of defence against downloading potentially malicious software, and if it is not detected at the download phase you then have to rely on other software to block it at the execution phase. A recent NSS Labs Inc test showed that Internet Explorer had a 99.9% block rate and Chrome had a 70.7% block rate, but Firefox only managed approximately 4%. Microsoft and Google browsers use a combination of URL filtering and application reputation for defence against threats like Socially Engineered Malware (SEM). The Kingsoft Libao Browser, which had an 85% block rate, scans downloads with URL filtering and cloud-based file scanning.
  • If using mobile devices avoid contacting Mobile Blacklist Domains.