Increasing Threat of Fileless Malware Attacks Highlighted in Ponemon Institute Report

A recent report from the Ponemon Institute highlights current endpoint security trends, details the ever-present threat from ransomware, and shows that fileless malware attacks are increasing.

Annually, endpoint attacks cost the healthcare sector over $1 billion. The high cost of addressing attacks and the increasing threat mean endpoint security should be a priority for healthcare groups. Sadly, many healthcare groups continue to depend on traditional cybersecurity technologies, which fail to properly safeguard against new threats. Further, spending on cybersecurity defenses often involves doubling down on current technologies, rather than strategic spending on new technologies that are far more effective at minimizing the risk of endpoint attacks.

The Barkly-sponsored study was sent to 665 IT and security workers. 54% of respondents said they had experienced at least one successful endpoint attack in the past year. Ransomware attacks are widespread. More than 50% of respondents said they had encountered at least one successful ransomware attack in 2017, while 40% of respondents said they had experienced more than one ransomware attack.

In some cases, groups pay the ransom to quickly regain access to their data; others have no alternative but to pay. 65% of surveyed firms reported that they had paid a ransom demand to regain access to their data. The average ransom payment was $3,675.

The danger posed by ransomware is unlikely to disappear. As long as the attacks are profitable, they will carry on. A recent report from Cybersecurity Ventures claims that global ransomware damages will reach $5 billion in 2017 and will increase to $11.5 billion in 2019. Putting those figures into perspective, the overall cost of ransomware attacks during 2015 was $325 million.

One of the most worrying endpoint security trends included in the recently issued Ponemon Institute report was fileless malware. Fileless malware attacks have surged considerably in the past year. Out of all organizations that reported experiencing at least one endpoint attack, 77% said at least one of those attacks included an exploit or fileless malware. Overall, 29% of organizations have encountered a fileless malware attack, an increase of 20% from last year. Ponemon also reports that fileless malware attacks are 10 times more likely to succeed than other varieties of malware attacks.

The cost of endpoint attacks is significant. On average, it costs $301 per worker to address an attack – or $5,010,600 per company, annually, on average. The healthcare sector alone has spent $1.3 billion in the past year addressing endpoint attacks. Those costs are broken down as 30% due to loss of productivity, 25% due to system downtime, and 23% due to theft of data assets.

Avoiding endpoint attacks is seen as a significant issue, with more than half of those surveyed (54%) not believing that endpoint attacks can actually be prevented. Antivirus solutions are required to stop malware infections, although they are not normally effective against current threats such as fileless malware.

“This survey reveals that ignoring the growing threat of fileless attacks could be costly for organizations,” commented Ponemon Institute Chairman and Founder Dr. Larry Ponemon. “The cost of endpoint attacks in the companies represented in this study could be as much as $5 million, making an enterprise-wide endpoint security strategy more important than ever.”

The vulnerabilities of AV software have led many firms to invest in new technologies such as endpoint detection and response measures, although those solutions do not stop attacks; they only minimize the damage caused when attacks do happen.

50% of firms said they are planning to replace or augment their existing endpoint security systems with new tools, although many of those surveyed said they are having problems with endpoint security systems, such as a high false positive rate, complex management of the solutions, and many protection gaps that remain even when solutions are implemented.