Byte of Prevention Blog

Hackers Use MS Office Files to Deliver Malware

If you use Microsoft Office, you’re using the vehicle of choice for email hackers.

Microsoft Office formats like Word, PowerPoint and Excel are the favored file extensions for transmitting malware via email, accounting for 38 percent of cyber attacks. The next most popular delivery method: archived files such as .zip and .jar, which account for about 37 percent of malicious transmissions.

Rounding out the top three email threats are PDF files, accounting for nearly 14 percent of malicious file extensions.

Those are some of the findings from the Cisco Annual Cybersecurity Report.

Another study, the 2018 Hiscox Cyber Readiness Report, found that close to 75 percent of businesses worldwide (including law firms) are unprepared for a cyber attack. Only 11 percent were deemed to be cyber-safe.

Lawyers Mutual makes sure you stay on top of risks and threats that can affect your practice. Our Byte of Prevention blog brings you important news and updates. Our website contains a wealth of Practice Guides, checklists and resource links. And our Client Services Team is available to answer questions you and your team may have about cybersecurity.

Cyber Takeaway #1: Almost all malware is delivered in one of three ways.

According to the Cisco study, the Top 3 malicious file extensions – MS Office, archive files and pdfs – account for nearly 90 percent of email malware.

“That adversaries heavily employ archive files is not surprising, as they have long been favored places for malware,” according to the Cisco report. “Users must open archive files to see the contents—an important step in the infection chain for many threats. Malicious archive files also often find success in foiling automated analysis tools, especially when they contain threats that require user interaction for activation. Adversaries will also use obscure file types, such as .7z and .rar to evade detection.”

Cyber Takeaway #2: Social engineering is a launchpad for email attacks.

“Phishing and spear phishing emails were at the root of some of the biggest, headline-grabbing breaches in recent years,” the Cisco report says. “In 2017, tens of thousands of phishing attempts were reported monthly to the community-based, anti-phishing threat intelligence services included in our analysis. Threat actors in the phishing and spear phishing game are continuously refining social engineering methods to trick users into clicking malicious links or visiting fraudulent web page and providing credentials or other types of high value information. User training and accountability, and the application of email security technologies, remain crucial strategies for combatting these threats.”

Cyber Takeaway #3: Here are the common tactics used by email scammers.

  • Domain squatting: Domains named to look like valid domains (example: cisc0[dot]com).
  • Domain shadowing: Subdomains added under a valid domain without the owner’s knowledge (example: badstuff[dot]cisco[dot]com).
  • Maliciously registered domains: A domain created to serve malicious purposes (example: viqpbe[dot]top).
  • URL shorteners: A malicious URL disguised with a URL shortener (example: bitly[dot]com/random-string). Note: In the data we examined, was the URL-shortening tool adversaries used most. Malicious shortened URLs represented 2 percent of the phishing sites in our study.
  • Subdomain services: A site created under a subdomain server (example: mybadpage[dot]000webhost[dot]com).

Source: Cisco Report

Cyber Takeaway #4: Cyber insurance offers key protection.

According to the Hiscox report, one-third of businesses (including law firms) currently have standalone cyber coverage, while another 25 percent say they plan to purchase coverage in the coming year. That means 60 percent of businesses have – or will soon have – cyber protection.

Want to know how cyber insurance can protect your firm? Would you like to get a free quote? Contact Lawyers Insurance, the NBCA endorsed agency, today.

Lawyers Mutual is the only legal professional liability insurance company that has been protecting North Carolina lawyers continuously since 1977. Our motto, “Here Today, Here Tomorrow,” is more than a tagline. It’s our commitment to the lawyers in this state.

Related Posts