A New Cybersecurity Threat: Understanding Fileless Non-Malware Attacks
Fileless non-malware tactics are being used to stealthily infiltrate cybersecurity systems and many organizations aren’t equipped to detect or defeat these tactics, reports CyberScoop. This specific type of attack allows hackers to gain control of even heavily guarded computer networks. The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) warns that non-malware attacks are most likely to come from cybercriminals with interests focused on theft or data destruction.
While traditional malware accesses network systems much like any other software application (using .exe file extensions which are downloaded and installed), these “non-malware attacks” – a label penned by security researchers – rely on a different approach. “With the latest innovation by cybercriminals, fileless attacks don’t install files on hard drives, making it difficult for the malicious code to be detected,” explains Rose & Kiernan Vice President John Kerin. Instead, the attacks utilize commonly used and trusted system admin and security tools. These tools embed malicious codes into the computer memory or registry, rather than the hard drive – the section of the system scanned by anti-virus tools.
What specifically can businesses do to combat fileless methods of attack? The NJCIC recommends that all organizations reassess cybersecurity capabilities, processes and staffs to ensure they are working effectively to reduce the risks of data breaches or disruptive attacks. First and foremost, companies must “adopt a comprehensive cyber risk management framework and implement cybersecurity best practices and defensive measures,” warns the alert. Third-party products and/or services that manage full system endpoint protections may be necessary to mitigate risk associated with these attacks.
In addition to taking proactive steps in addressing the risks posed by fileless non-malware attacks, it’s crucial that employers invest in cyber liability insurance. A substantial cyber policy covers liability and data losses that may result from a data breach in which customer or client personal information is stolen by cybercriminals who have gained access to an organization’s electronic network system. Cyber policies can be specifically tailored to each organization and address industry-specific exposures to loss.
As explained by the International Risk Management Institute, Inc. (IRMI), cyber policies cover a “variety of expenses associated with data breaches, including: notification costs, credit monitoring, costs to defend claims by state regulators, fines and penalties, and loss resulting from identity theft.” Cyber policies also account for “liability arising from website media content, as well as property exposures from business interruption, data loss/destruction, computer fraud, funds transfer loss, cyber extortion, and for specific industries even direct claims of real property damage and business interruption claims that result in loss of income.”
Business owners may think they are covered for cyber risks because they’ve purchased technology errors and omissions (Tech E&O) insurance. However, while the two different types of insurance are frequently confused for one another, their coverage is vastly different. Tech E&O policies “protect businesses from claims of professional negligence for firms that provide technology products and services, such as computer software and hardware manufacturers, website designers, and firms that store corporate data on an off-site basis,” states IRMI.
At Rose & Kiernan, we specialize in helping our clients identify, understand, and quantify tech risks facing their organizations – with special focus on the cybersecurity threats that have emerged since the beginning of the new millennium.
Standalone general liability and property policies designed for the twentieth century are ill-equipped to meet the protection twenty-first century customers require. That’s why Rose & Kiernan works with the leading cyber insurers to meet the needs of today’s businesses. As new threats emerge, like these fileless and non-malware attacks, organizations will rely on first-rate solutions that best help to protect cyber assets.