“Malware Mania” is back with a vengeance, creating havoc for organizations of all sizes and in all industries. Cybercriminals have morphed their attack methods with the resurgence of macro malware and encrypting ransomware to evade traditional antivirus and sandbox defenses. As a result, cybersecurity teams are scrambling for a more effective way to deal with these shocking realities:
- 2,825 complaints identified as ransomware with adjusted losses of more than $59.6M were reported (FBI IC3 Report, 2023)
- 30% increase in malware attacks on US businesses over last year (Check Point Research, 2024)
- Emotet continued to dominate as a top malware family delivered via malicious attachment (SC Media article, Nov. 15, 2024)
- Defense evasion was the most prevalent technique across 100K+ Windows samples, delivered via email through macro malware (Help Net Security, Mar. 20, 2024)
- 97% of malware is unique to a specific endpoint, rendering signature-based security virtually useless (ConnectWise, Apr. 20, 2019)
- 130% increase in the volume of malicious links delivered via email in Q1 of 2024 (Computer Weekly, Aug. 20, 2024)
- Microsoft 365 macro-enabled documents have been the prevailing method for initial access for the last 8 years (TrendMicro article, June 20, 2024)
- Microsoft Windows .exe files were the most common malware file type via the web, and .html files were the most common via email (Statista, Nov. 9, 2024)
- 450,000 malicious programs are registered every day (AV-TEST Institute, 2024)
But...
One simple enhancement to your existing secure email and web security gateways can completely disassemble email attachments and downloads at a more granular level, immediately removing the threat of macro malware that uses hidden triggers to bypass detection, an approach extremely popular with TeslaCrypt and Locky ransomware.
Deeper content inspection and structural sanitization that is not limited by zip/encryption, file size, analysis timing delays, virtual environment evasion techniques or multiple embedded document layers is proving to deliver the highest detection rates, immediate impact, and a cost-effective defense against evasive malware and ransomware.