skip to main content
Close Icon We use cookies to improve your website experience.  To learn about our use of cookies and how you can manage your cookie settings, please see our Cookie Policy.  By continuing to use the website, you consent to our use of cookies.
Global Search Configuration

Ovum view


Fileless malware is exactly that: there are no files. The malware executes in memory with no footprint, and is therefore much more likely to succeed in its unwanted endeavors than “traditional” malware that leaves a trail. Fileless malware is also less likely to attract the attention of security analysts and associated antivirus (AV) and antimalware technology, and layered security and patching are needed.

Easily available toolkits increase prevalence of fileless malware

Organizations are widely aware of fileless malware. Ovum’s ICT Enterprise Insights survey shows network security, and security and vulnerability management, as the leading investment priorities for enterprises across the globe. However, countering it is complex because the lack of a signature makes it hard to detect by traditional AV software. Although fileless malware has been around for years, it has risen in prevalence recently, with easily available toolkits for threats to take advantage of.

Fileless malware uses frameworks and tools that are available on the targeted device. PowerShell, the Microsoft task-based command-line shell and scripting language, is often used, as are unsecured macros. Executed commands are assumed to be okay because they are executed by the machine, leaving the door open to an extended and undetected fileless malware attack over days and months.

Inadequate patch management is the cause of many malware infections, including fileless malware. Maintaining a comprehensive patch-management program for operating systems as well as installed software is essential if organizations are to protect themselves. There are no shortcuts to patch management, and the activity demands formal recognition within the organization.

Other approaches to addressing fileless malware include ensuring that non-essential capabilities are disabled on devices, despite business users’ calls for “open” devices to aid efficiency, and using behavioral detection to alert security analysts to unexpected activity and behavior on a device.

There are many other threat protection solutions and approaches available that can operate alongside traditional antivirus to address fileless malware. Overall, organizations should ensure they are patched in a timely manner and that layers of security are deployed so that threats will switch their attention to another organization that is perhaps less secure. Don’t let that be your organization.

This report was originally published in Computer Weekly (see Appendix) by Ovum research director Maxine Holt.


Further reading

ICT Enterprise Insights 2017/18 – Global: ICT Drivers and Technology Priorities, PT0099-000002 (September 2017)

On the Radar: Carbon Black defends against malware and file-less attacks, IT0022-001039 (July 2017)

Hackers, malware and insiders are present and active inside your security firewall, IT0022-000308 (February 2015)


Maxine Holt, Research Director, Infrastructure Solutions

Recommended Articles

  • Consumer & Entertainment Services

    US pay TV: Is it facing an existential threat?

    By Adam Thomas 28 Mar 2018

    With US pay TV having endured the worst year in its history, thoughts have inevitably turned to the future. The likelihood remains that the immediate future will remain highly uncomfortable for everyone except the scaled multinational digital platforms.

  • Enterprise Decision Maker, Enterprise IT Strategy and Select...

    2017 Trends to Watch: Big Data

    By Tony Baer 21 Nov 2016

    The breakout use case for big data will be fast data. The Internet of Things (IoT) is increasing the urgency for enterprises to embrace real-time streaming analytics, as use cases from mobile devices and sensors become compelling to a wide range of industry sectors.

    Topics Big data and analytics IoT

  • Enterprise Services

    5G: Another technology in search of enterprise use cases

    By Evan Kirchheimer 26 Apr 2018

    Service provider interest in justifying 5G investment through its potential to open new revenue streams from the enterprise segment is growing ever greater.


Have any questions? Speak to a Specialist

Europe, Middle East & Africa team - +44 (0) 207 017 7700

Asia-Pacific team - +61 (0)3 960 16700

US team - +1 646 957 8878

Email us at

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Call us at +44 788 597 5160 or email us at

Contact marketing -

Already an Ovum client? Login to the Knowledge Center now