Growth in attacks designed to obfuscate access and purpose should put organizations on alert as cybercriminals gain control over endpoints to do just about anything they want.
The most dangerous cyberattack is the one you don’t know about.
And that’s exactly what cybercriminals are focusing on, according to Malwarebyte’s 2019 State of Malware report. If an attack can either run completely in stealth, or simply hide their true intention, in many ways, they’ve already won.
According to the report, two very specific types of attacks are on the rise from 2017 to 2018:
- Trojans saw a 132% increase
- Backdoors saw a 173% increase
Malwarebytes defines each of these separately. Trojans are programs "that claim to perform one function but actually do another", with Backdoors defined as "a type of trojan that allows a threat actor access to a system by bypassing its security" giving the cybercriminal access to systems completely undetected.
Organizations should be concerned looking for ways to stop these types of attacks using a layered approach at the gateway, the endpoint, and the user. Email and web gateways look for malicious content, blocking it from ever reaching the user. Endpoint protection and AV are used to augment these efforts. And Security Awareness Training makes the user a part of your security strategy, educating them on cyberattack tactics, how to identify suspicious web and email content, and how to avoid becoming the victim.
With such a massive effort being placed on malware designed to give cybercriminals to do just about anything they want, organizations can no longer afford to allow even one malicious email to get through and compromise the user, their endpoint, and – potentially – your organization.