By SecureWorld News Team
Fri | Dec 16, 2016 | 2:53 PM PST

Over this past year, the frequency of ransomware has jumped from hitting companies every two minutes to every 40 seconds. The rate at which it’s growing is definitely alarming.

But what about attacks that don’t use malware? Or even phishing?

According to Carbon Black’s 2016 Threat Report, in a 90-day period, “about one-third of organizations are likely to encounter at least one severe, non-malware attack.”

This form of attack doesn’t require any files to be downloaded or any malicious links to be clicked. Instead, it uses normal, everyday operating tools such as PowerShell or Windows Management to spread an attack through open applications without being detected on your network.

In this study, Carbon Black surveyed over 1,000 customers who represented more than 2.5 million endpoints. Almost every single one of them had been the target of a non-malware attack in the past year.

And it’s not going away. From Q1 to Q2 of this year, non-malware-related attacks surged by 93%, and Q4 saw a 33% increase in “severe” attacks compared with Q1.

Carbon Black defines a “severe” attack as “an attack that often includes suspicious command lines, delivering executable code directly to PowerShell and exhibits some type of additional malicious techniques during execution (such as executing dynamically delivered shellcode, reading memory of other processes, or injecting into other running processes).”

This is also allegedly how hackers were able to gain access to the DNC earlier this year without being detected.

In their predictions for 2017, the report concludes, “non-malware attacks are at the highest levels we’ve seen and should be a major focus for security defenders during the coming year.”
