Are you happy with the antivirus you are using? More than half of last year's attacks were fileless or used malware-free techniques, as hackers increasingly turned to credential theft to breach corporate networks.
Malware-free tactics accounted for 51% of attacks in 2019, up from 40% the previous year, although that number was driven by a sharp increase in North American attacks.
About 74% of the attacks in the region did not use malware, while these techniques accounted for 25% of the Indo-Pacific attacks, according to the Global Threat Report 2020 of CrowdStrike.
The assessment of the annual threat landscape report is based on the analysis of the data company collected from more than 3 trillion events per week in 176 countries, and consultations by its intelligence team, which monitors national hackers, hacktivists and many others.
The growing popularity of attacks without malware shows us the need not to rely solely on anti-virus tools.
Malware-free attacks are those that do not require any files on the victim's disk. They could be attacks where malicious code runs from memory, boot, or credential theft attacks that simply require you to click a link. Malware-free attacks usually require different detection techniques to detect and prevent them, which makes today's antivirus completely inadequate.
New methods also require new practices, as it is impossible to reach a new point using the same familiar path.
These attacks have come to remind us that there is always another way. New roads lead to new discoveries and of course the one who takes the risk wins first, if things go well. This applies to both sides (hackers-antivirus)
Future protections, then, should study the behavior of each of us who uses computer systems. Once they learn how the owner works they will be able to block behaviors that do not seem familiar, or at least ask the owner: is this happening, is it you?
This may sound like a science fiction script, but it's not that far off if you look at the growth in artificial intelligence and machine learning. It's impossible to fight smart threats with stupid antivirus designed just to compare virus samples.
Here is the good and bad news:
The emergence of cloud-based antiviruses is very encouraging (in cloud). At present their technology is simple, as it continues to compare virus samples. But over the years, the computing power of the cloud will help artificial intelligence and machine learning systems run on every user's PC.
Only that the hackers once again have the lead.