skip to main content
Close Icon We use cookies to improve your website experience.  To learn about our use of cookies and how you can manage your cookie settings, please see our Cookie Policy.  By continuing to use the website, you consent to our use of cookies.
Global Search Configuration

Ovum view

Summary

Fileless malware is exactly that: there are no files. The malware executes in memory with no footprint, and is therefore much more likely to succeed in its unwanted endeavors than “traditional” malware that leaves a trail. Fileless malware is also less likely to attract the attention of security analysts and associated antivirus (AV) and antimalware technology, and layered security and patching are needed.

Easily available toolkits increase prevalence of fileless malware

Organizations are widely aware of fileless malware. Ovum’s ICT Enterprise Insights survey shows network security, and security and vulnerability management, as the leading investment priorities for enterprises across the globe. However, countering it is complex because the lack of a signature makes it hard to detect by traditional AV software. Although fileless malware has been around for years, it has risen in prevalence recently, with easily available toolkits for threats to take advantage of.

Fileless malware uses frameworks and tools that are available on the targeted device. PowerShell, the Microsoft task-based command-line shell and scripting language, is often used, as are unsecured macros. Executed commands are assumed to be okay because they are executed by the machine, leaving the door open to an extended and undetected fileless malware attack over days and months.

Inadequate patch management is the cause of many malware infections, including fileless malware. Maintaining a comprehensive patch-management program for operating systems as well as installed software is essential if organizations are to protect themselves. There are no shortcuts to patch management, and the activity demands formal recognition within the organization.

Other approaches to addressing fileless malware include ensuring that non-essential capabilities are disabled on devices, despite business users’ calls for “open” devices to aid efficiency, and using behavioral detection to alert security analysts to unexpected activity and behavior on a device.

There are many other threat protection solutions and approaches available that can operate alongside traditional antivirus to address fileless malware. Overall, organizations should ensure they are patched in a timely manner and that layers of security are deployed so that threats will switch their attention to another organization that is perhaps less secure. Don’t let that be your organization.

This report was originally published in Computer Weekly (see Appendix) by Ovum research director Maxine Holt.

Appendix

Further reading

ICT Enterprise Insights 2017/18 – Global: ICT Drivers and Technology Priorities, PT0099-000002 (September 2017)

On the Radar: Carbon Black defends against malware and file-less attacks, IT0022-001039 (July 2017)

Hackers, malware and insiders are present and active inside your security firewall, IT0022-000308 (February 2015)

http://www.computerweekly.com/opinion/Security-Think-Tank-Use-layered-security-and-patch-management-to-defeat-fileless-malware

Author

Maxine Holt, Research Director, Infrastructure Solutions

maxine.holt@ovum.com

Recommended Articles

  • Consumer & Entertainment Services

    Telco loyalty programs are about more than improving churn

    ByNicole McCormick 07 Mar 2018

    Loyalty programs have long been held as key to indirect monetization for the communications service provider. Upcoming research from Ovum has verified that notion – loyalty schemes improve Net Promoter Scores (NPS – a measure of brand perception) and can help improve churn. They can also lead to net additions growth and can even earn revenues for the operator.

  • Service Provider Markets

    5G is here – almost – with the launch of Verizon 5G Home

    ByMike Roberts 01 Oct 2018

    Verizon 5G Home is a milestone in the telecoms market because it is the first large-scale commercial launch of broadband services based on 5G technologies, albeit not on a fully standardized version of those technologies.

  • Consumer & Entertainment Services, Service Provider Technolo...

    When Netflix runs out of steam

    ByRob Gallagher 05 Dec 2018

    Never underestimate the power of one big idea – and one company's ability to deliver on its promise. But no single idea has infinite potential. Sooner or later, Netflix will need to look beyond the limits of its current business model.

;

Have any questions? Speak to a Specialist

Europe, Middle East & Africa team - +44 (0) 207 017 7700


Asia-Pacific team - +61 (0)3 960 16700

US team - +1 646 957 8935

Email us at ClientServices@ovum.com

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Call us at +44 788 597 5160 or email us at pr@ovum.com

Contact marketing - 
marketingdepartment@ovum.com

Already an Ovum client? Login to the Knowledge Center now