Ransomware activity persists, likely because of the low overhead and high return on investment for cyber criminals. Media coverage of successful attacks against medical institutions and other organizations in 2016 also shows the threat is working.
Ransomware attacks will continue to increase well beyond 2017. Law enforcement has made a dent in some groups by shutting down ransomware infrastructure and going after the criminals behind it. As companies become more aware of the threats, they are taking affirmative action by making and testing backups. They are also testing human security awareness tools to help detect and stop potential cyber crimes before they occur.
Script-based malicious software threats are often harder for point-based security detectors to recognize. Human firewalls like Securables Perimeter cyber tools are a better method of protecting against script-based threats. We see script-based malware in both e-mail campaigns and lateral movement initiatives. Lateral movement happens after the first host compromise: the attackers concentrate their efforts on gaining access to credentials, performing internal reconnaissance and attacking other internal systems to get deeper into your network.
Early in 2017, we noted that Microsoft Publisher documents (PUB) being used to deliver malicious macros bypassed many spam filters. Another similar case concerned MS Word 2007 template files (DOTM). Other formats not yet widely exploited, e.g., PPTM files made in Microsoft PowerPoint, could be the new focus for threat actors in 2017 and beyond. Human firewall technology like Securable.io educates stakeholders and verifies that they are compliant with policies.
Assailants keep making their malware stealthier and more efficient. One of the better strategies for addressing these exploits is to educate, train and verify employee awareness around nefarious activities. A human firewall should be a prerequisite, given the pre-eminence of security technology and industry point system controls. As an example, threat actors are hiding malware code in new places: infecting volume boot records (VBR) and master file tables (MFT) to install malicious software before any security software loads is becoming more common.
Organizations should implement security awareness programs that help scale back the social engineering attack vector. Vendors like Securable.io provide tools to educate staff, verify awareness and comply with company policies. Companies should protect users from themselves by disabling macros by default, then train staff never to enable macros unless they need to work on a trusted document.
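The point about PUB, DOTM and PPTM attachments slipping past filters suggests checking attachments by content rather than by extension. The sketch below is an added example, not code from the original article or from any vendor named in it; the function names, sample file names and sample bytes are constructed for illustration.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy OLE2 container (PUB, DOC, XLS)
MACRO_MARKERS = ("macroEnabled", "vnd.ms-office.vbaProject")  # OOXML content types
MAX_CT_SIZE = 1_000_000  # refuse to inflate an oversized [Content_Types].xml

def classify_attachment(data: bytes) -> str:
    """Classify by content only: macro, ole-legacy, clean-ooxml, malformed, other."""
    if data.startswith(OLE_MAGIC):
        return "ole-legacy"  # needs an OLE stream parser; route to deeper inspection
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "other"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as z:
            names = z.namelist()
            if "[Content_Types].xml" not in names:
                return "other"  # a ZIP, but not an Office Open XML package
            if any(n.lower().endswith("vbaproject.bin") for n in names):
                return "macro"
            if z.getinfo("[Content_Types].xml").file_size > MAX_CT_SIZE:
                return "malformed"
            ctypes = z.read("[Content_Types].xml").decode("utf-8", "replace")
            return "macro" if any(m in ctypes for m in MACRO_MARKERS) else "clean-ooxml"
    except zipfile.BadZipFile:
        return "malformed"

def _package(parts: dict) -> bytes:
    """Build a constructed OOXML-like ZIP in memory for the demo."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, body in parts.items():
            z.writestr(name, body)
    return buf.getvalue()

CT = '<Types><Override PartName="/word/document.xml" ContentType="{}"/></Types>'
# Constructed samples; file names are illustrative and deliberately ignored.
SAMPLES = {
    "slides.pptm": _package({"[Content_Types].xml": CT.format("x"), "ppt/vbaProject.bin": b"\x00"}),
    "renamed-template.docx": _package({"[Content_Types].xml": CT.format(
        "application/vnd.ms-word.template.macroEnabledTemplate.main+xml")}),
    "report.docx": _package({"[Content_Types].xml": CT.format(
        "application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml")}),
    "flyer.pub": OLE_MAGIC + b"\x00" * 504,
    "notes.txt": b"plain text",
}

def scan_samples() -> dict:
    return {name: classify_attachment(data) for name, data in SAMPLES.items()}

if __name__ == "__main__":
    for name, kind in scan_samples().items():
        print(f"{name:24} {kind}")
```

A mail gateway could quarantine anything classified `macro` and send `ole-legacy` files to a tool that parses OLE streams, since this sketch does not look inside them.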