Invisible aka Fileless Malware — Malware of the Month, June 2019
Malware of the Month – Spanning Spotlight Series: June 2019
Our Malware of the Month series highlights one devastating malware after another. Last month, we profiled the Emotet malware and this month, we discuss Invisible aka Fileless Malware.
What is Invisible Malware?
Invisible malware is the type of malware responsible for the increasing number of endpoint or zero-day attacks. According to the 2018 State of Endpoint Security Risk report by the Ponemon Institute, 64% of organizations suffered an endpoint attack in 2018, of which 76% were caused by fileless attacks. Invisible malware truly lives up to its name: you would not even be aware of its presence, let alone be able to defend yourself against it, while it is causing irreversible damage.
Root Malware Type
Invisible malware is a type of fileless malware that comes with zero footprint. It typically resides in memory, comes packaged as firmware, or lives in your Basic Input/Output System (BIOS), thus bypassing anti-virus software.
Tips for Protection:
A quick run-through of best practices to protect against invisible/fileless malware:
- Ensure Endpoint Protection: Apart from anti-virus, ensure that you have updated Endpoint Detection and Response (EDR) solutions on your servers.
- Move Sensitive Data to the Cloud: The cloud, with its robust security measures, is a much safer place than your servers. Encrypt and move critical data and processes to the cloud. Additionally, don’t put all your trust in your cloud providers – enlist the safety net of a reliable backup and recovery solution like Spanning.
- Train Employees on Cybersecurity Best Practices: Phishing or an infected device can be a potent vector for invisible malware. Ensure that employees, across org levels, undergo security awareness training. Send regular reminders and updates about malware breaches and safe email practices.
- Upgrade your Server Processors: The industry’s hardware giants are also rising to combat the pervasive threat of invisible malware. Intel has developed a “Hardware Shield” technology, which delivers out-of-the-box protection against firmware attacks. Lockheed Martin, in collaboration with Intel, has created a robust processor, the Intel® Select Solution for Hardened Security, to prevent such malware by isolating and protecting critical resources.
- Last Resort – Pull the Plug: Invisible malware at times insidiously combines itself with a virtual rootkit called “Blue Pill malware,” which loads the operating system into a virtual machine that can “fake” the restart, leaving you with the sole option of pulling the plug.
Stay safe and backed up, and tune in to July’s Malware of the Month – Steganography malware, or Stegware.