Malicious Macros Continue to Cause Damage

 
 
By Samuel Greengard  |  Posted 2015-07-10 Email
 
 
 
 
 
 
 
 
 
 

Although the methods used for malicious attacks constantly change and those in the crosshairs must continually adapt to new and changing tactics, some old and often forgotten approaches continue to do damage. One of these threats is the malicious macro. A new report from cyber-security firm Proofpoint—"How Does an Attack Technique Go from Antique to Blockbuster?"— examines these risks. By combining technical analysis of malware samples with investigation on cyber-criminal forums, the report identifies the economic and technical drivers behind the recent rise of malicious macros. It found that, from a cost perspective, malicious macros deliver the most "bang for the buck" because they combine lower up-front and maintenance costs with higher effectiveness to create a killer app for cyber-criminals. The advantages include the following: They are highly successful at evading signature and reputation-based defenses; they're easy to update at a low cost; they work across platforms; they are easy to use; and they are highly effective with social engineering techniques.

 
 
 
 
 
Samuel Greengard writes about business and technology for Baseline, CIO Insight and other publications. His most recent book is The Internet of Things (MIT Press, 2015).
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters