By Slava Gorelik – Founder and VP R&D
Malware threats to data
Hackers are getting more ingenious by the day with fileless invisible malware types that escape detection. Nodersok is the latest in the line, but it is only one amongst many. Top 10 malware infections in 2019 included Emotet, Wannacry, ZeuS, Dridex, and Kovter. How can an organization secure itself against such: malware threats to data?
What is Nodersok?
In September 2019, researchers from Microsoft’s Advanced Threat Protection (ATP) team discovered a fileless multi-stage infection, node.js based malware. They dubbed it Nodersok. Fileless threats pose a different level of challenge compared to file-based ones and need advanced techniques to manage prevention. Nodersok uses valid tools and ensures nothing malicious is written to the disk. The malice resides in-memory. The entire Nodersok campaign runs in four stages, finally disabling the Windows Defender Antivirus and turning the machine into a proxy. Nodersok has affected a range of industry sectors with a particular fondness for the education sector.
How prevalent are malware attacks?
Different though they are, these forms of malware show certain common aspects:
- Microsoft Office is a favorite
- Email is the primary attack vector
- Over 60% of the attacks target the small business category.
How do you protect your organization and data from them?
Malware protection in Office 365
If your enterprise has moved to Office 365, you have taken a step in the right direction. Office 365 comes with built-in protection that prevents the introduction of malware into Office 365 via a client or from an Office 365 server. Exchange online ensures that all emails travel through the Exchange Online Protector (EOP) which scans and quarantines in real-time.
Microsoft also offers Advanced Threat Protection (ATP) with an email filtering service that provides additional protection against phishing. Similar protection exists for Sharepoint Online and OneDrive for Business as well. With all the defense in place, malware threats to data still do materialize and while there is no consistent globally agreed way to track and report a cost per infection, in 2018, in the US alone the average cost per breach was $7.9 million.
Data loss from threats like malware are an established reality and enterprises both big and small cannot afford to take the risk. For malware to infest your organization, all it takes is one wrong click, one crafty phishing attack, one infected flash drive. Office 365 cannot protect you from data loss/corruption due to such attacks at your end. This is why third-party SaaS backup is so critical to protecting your organization’s data.
How can SaaS backup protect against Malware threats to data?
The damages of malware threats to an organization include data corruption, data loss, identity theft, and security/network breaches. The repercussions of such an attack go far beyond financial loss; they can decimate a company’s reputation and customer base, which has taken years to build, in a few hours. When struck with a malware attack, the best way to minimize its damage is to ensure business continuity with quick disaster recovery.
Central to that is having a reliable backup and recovery solution. SaaS backup of Office 365 can enable you to easily and quickly recover an accurate copy of your data and can completely blunt the malware attack. Office 365 does come with native solutions like Recycle Bin, however, they offer limited-timespan restores and recovery can be cumbersome.
How can CloudAlly help?
CloudAlly pioneered cloud backup way back in 2011. Resultantly we have nurtured a mature suite of robust SaaS backup solutions for Office 365 Backup, Sharepoint and OneDrive. We were also ranked #1 by Newsweek by over 10,000 IT Pros.
We offer a full-featured 15-day free trial which you can activate and start backing up your data in minutes and are very highly rated and recommended by our users. We also offer considerable discounts for educational institutions, non-profit organizations, and as a part of our partner program. Contact us and we will be happy to have an expert guide you.