Fileless ransomware attacks are predicted to comprise 35 percent of all attacks next year, according to the Ponemon Institute
Fileless Ransomware Attacks are the new way for cybercriminals to maneuver around ransomware blocks and remain undetected. As forms of protection technology advance, so do the technology the criminals are using to attack.
A recent study indicates that 77 percent of compromised attacks this year were fileless ransomware attacks, and are ten times more likely to succeed than file-based attacks. These emerging forms of cyber attacks go unrecognized by antivirus tools since they don't download new software.
Fileless ransomware attacks target vulnerabilities, like browser vulnerabilities, to make the browser run malicious code. Typically, this happens when a user receives a spam message with a link to a malicious website. What this also means, is that much of the discourse on preventing ransomware to this point is now outdated. The focus recently has been preventing ransomware by not downloading attachments from unknown senders. While that is still applicable, it is not a silver bullet to preventing ransomware attacks.
As this new threat emerges, it is important to update your prevention mechanisms. A successful fileless attack relies on software vulnerabilities in the software already installed, therefore patching and updating the operating systems and applications are critical. Additionally, implementing behavior-based systems, including endpoint protection, into your defenses can also spot and prevent a fileless attack. Finally, updating your training, or including a reminder that ransomware attacks can come in ways other than just through email, will also be helpful. As with many other technical threats to PHI, this one will require a multi-layer approach.
Click here to learn more about Ransomware attacks Ransomware: It Doesn't Pay to Pay