File-less malware is becoming more and more of a problem. Why? Because it’s working. Traditional Security solutions provide a great deal of protections for current environments. However, they also create a framework for how to propagate an attack.
Most traditional security protections are scanning files, detonating files, examining what file did or is about to do. Not to mention, comparing it to other files to try and decide if its good or bad. But as the name suggests, file-less malware has nothing to scan, thus nothing to detect and alert on.
These kinds of attacks will continue to evolve because hackers are now organizations with multitudes of skill sets, talents and motivations. Thanks to the cloud they can spin up servers to work on at Amazon or Azure. Thanks to eBay, they can buy used switches and routers. Thanks to e-commerce they download a trial of nearly any Security product or business application to begin understanding its inner-workings. This gives them access to everything they need to test and deliver threats just like most organizations test and deliver their final products.
Since only the largest organizations have budget to really mount a proper defense, most end users are building dams that don’t stretch across the whole river, leaving massive gaps in their infrastructure defense.
So, what do you do when you don’t have the budget? First figure out what your most critical assets are Make sure you are allocating your security budget so that you are properly protecting the most critical assets. Segment your network to isolate critical data and devices.
Also, start planning for next years’ budget. Let your Security VAR(s) help you make the case to management. Where many small IT organizations go astray is trying to do it all on their own. We can help with Security Strategy as well as initial implementation and configuration. We help by making a business case to business people. Our secret is, no one person does all that stuff. Our team can jump in and help with these tasks which then extends your team.