
Ovum view

Summary

Fileless malware is exactly that: there are no files. The malware executes in memory with no footprint, and is therefore much more likely to succeed in its unwanted endeavors than “traditional” malware that leaves a trail. It is also less likely to attract the attention of security analysts and the associated antivirus (AV) and antimalware technology, so layered security and patching are needed.

Easily available toolkits increase prevalence of fileless malware

Organizations are widely aware of fileless malware. Ovum’s ICT Enterprise Insights survey shows network security, and security and vulnerability management, as the leading investment priorities for enterprises across the globe. However, countering it is complex because the lack of a signature makes it hard for traditional AV software to detect. Although fileless malware has been around for years, it has risen in prevalence recently, helped by easily available toolkits that threat actors can take advantage of.

Fileless malware uses frameworks and tools that are already available on the targeted device. PowerShell, the Microsoft task-based command-line shell and scripting language, is often used, as are unsecured macros. The commands are assumed to be legitimate because they are executed by the machine itself, leaving the door open to an extended and undetected fileless malware attack lasting days or months.

Inadequate patch management is the cause of many malware infections, including fileless malware. Maintaining a comprehensive patch-management program for operating systems as well as installed software is essential if organizations are to protect themselves. There are no shortcuts to patch management, and the activity demands formal recognition within the organization.

Other approaches to addressing fileless malware include ensuring that non-essential capabilities are disabled on devices, despite business users’ calls for “open” devices to aid efficiency, and using behavioral detection to alert security analysts to unexpected activity and behavior on a device.

There are many other threat protection solutions and approaches available that can operate alongside traditional antivirus to address fileless malware. Overall, organizations should ensure they are patched in a timely manner and that layers of security are deployed so that threats will switch their attention to another organization that is perhaps less secure. Don’t let that be your organization.

This report was originally published in Computer Weekly (see Appendix) by Ovum research director Maxine Holt.

Appendix

Further reading

ICT Enterprise Insights 2017/18 – Global: ICT Drivers and Technology Priorities, PT0099-000002 (September 2017)

On the Radar: Carbon Black defends against malware and file-less attacks, IT0022-001039 (July 2017)

Hackers, malware and insiders are present and active inside your security firewall, IT0022-000308 (February 2015)

http://www.computerweekly.com/opinion/Security-Think-Tank-Use-layered-security-and-patch-management-to-defeat-fileless-malware

Author

Maxine Holt, Research Director, Infrastructure Solutions

maxine.holt@ovum.com
