Malware Madness: Understanding the Evolving Malware Landscape & Novel Threat Techniques - CPO Magazine

2022-09-03 01:20:32 By : Mr. Jennifer Chen

As businesses grapple with the security implications of hybrid work, malware continues to evolve and increase in sophistication. In fact, malware is no longer confined to traditional risky web categories; it is now lurking everywhere, from cloud apps to search engines.

To avoid falling victim to malware, security leaders must understand how such threats are evolving, regularly revisit their malware protection strategy, and account for all possible entry points. To do this effectively, we must first think like an attacker to better understand how malware is penetrating organizations worldwide.

Attackers are becoming savvier, using search engine optimization (SEO) techniques to bump malicious links and files to the top of users’ search engine results. This tactic is directly related to upticks in malicious PDF downloads, with recent research finding that malicious PDF downloads increased by 450% over the past 12 months. By improving the ranking of malicious PDF files on popular search engines including Google and Bing, these attackers are able to rapidly spread malware to often unaware users.

SEO is just one technique attackers use to lure victims into downloading malware hosted on the web or in the cloud. Email, SMS, messaging apps, and social media are also commonly used to lure users. Web malware downloads originate from many different website categories, led by technology sites and content servers, while cloud malware downloads originate from hundreds of different apps, led by popular cloud storage apps.

Notably, web and cloud malware downloads typically originate from servers located within the same regions as their victims. This is a growing trend that points to the increasing sophistication of cybercriminals, who are frequently staging malware on content servers and cloud apps to avoid geofencing filters and other traditional prevention measures.

When attackers are designing lures to spread malware, they typically try to capitalize on major societal events, such as COVID-19. They also tend to design lures that create a sense of urgency, such as a shipping invoice that needs to be paid or the confirmation of personal information in a healthcare form. Such lures account for the majority of malware downloads. Attackers may also use more technical approaches, such as software exploits, drive-by downloads, or HTML smuggling to download malware onto a victim’s device. So what can be done to help bolster protection?

The immediate first step to building a stronger security architecture is recognizing that these threat trends are occurring in today’s digital environment. Regularly revisiting the organization’s malware protection strategy and verifying that all possible entry points are accounted for is one way for security teams to stay a step ahead of cybercriminals. Subsequently, by understanding the contemporary methods these malicious actors are using among today’s highly dispersed business operations, security leaders can ensure efficient, effective protection against data theft, expensive breaches, and unnecessary disruptions in productivity on an ongoing basis.
