Fileless attacks surge in 2017, security solutions are not stopping them

By 2018, they are expected to account for 35 percent of all cyberattacks.
Written by Charlie Osborne, Contributing Writer
Markus Spiske | CC

Fileless attacks are on the rise and are predicted to comprise 35 percent of all attacks next year, according to the Ponemon Institute.

A new national survey conducted by Barkly and the Ponemon Institute titled "2017 State of Endpoint Security Risk," released on Wednesday, suggests that this method of cyberattack is becoming more popular -- and traditional antivirus solutions are doing little to stop the trend.

After surveying 665 IT security professionals in the enterprise, the organizations discovered that faith in traditional file-scanning and antivirus software has become ashes in the wake of new, more innovative methods of compromising PCs and computer networks.

"We are in the midst of a significant shift in endpoint security," Barkly and Ponemon say in the report. "The majority of organizations are replacing or augmenting these solutions with new security tools designed to stop fileless attacks, though many remain skeptical such attacks can be stopped at all."

Fileless attacks dismiss traditional methods of compromise, such as downloading and executing malicious files on a victim's system, as they can be detected by security solutions.

Instead, these attacks leverage exploits or launch scripts from memory, which can infect endpoints without leaving a trail behind.

See also: Tech Republic: Fileless malware: The smart person's guide

According to the report, 70 percent of those surveyed said that the security risk to their organization has increased in the past 12 months, and as fileless attacks often exploit gaps between traditional security solutions and next-generation alternatives, much of the risk can be blamed on an increase in this type of attack.

The survey results estimate that 29 percent of attacks the enterprise faced this year were fileless, up 20 percent year-on-year, and this rate is expected to rise to 35 percent in 2018.


When asked what respondents think is the biggest challenge or problem with current enterprise endpoint security solutions, a lack of adequate protection was cited as the top concern.

In addition, high numbers of false-positive alerts, as well as deployment & management complexity, were also considered problems that impact on security and productivity.

Less than a third of those who participated in the survey said they believe current security setups can prevent the new waves of threats that are being launched at companies.

In total, respondents said they believe the average cost of a successful attack is over $5 million, and when attackers do manage to get through endpoint security, the amount of damage caused equates to roughly $300 per employee -- and endpoint security is becoming harder to manage.


According to the research, existing endpoint solutions are placing a strain on staff, resources, and productivity. The average enterprise company utilizes around seven types of different endpoint solutions, which can make management difficult.

In total, 73 percent of respondents said it has become "more difficult" for enterprise companies to manage endpoint risk, and only a third said they have the resources to do so.

See also: Hilton agrees to $700,000 settlement over data breaches

Endpoint security is undergoing a shift as traditional security systems are no longer enough in the face of fileless attacks, sophisticated ransomware, phishing campaigns, and compromise through supply chains.

While the enterprise is gradually moving away from relying only on traditional antivirus, the report suggests that this is not enough -- as many businesses are simply supplementing with damage-limitation solutions rather than tackling attack vectors themselves.

"Organizations can clearly benefit from endpoint security solutions designed to block new threats like fileless attacks, which are responsible for the majority of today's endpoint compromises," the organizations say. "To restore their faith in endpoint security's effectiveness, new solutions need to address this crucial gap in protection without adding unnecessary complexity to endpoint management."

Top tips to stay safe on public Wi-Fi networks

Previous and related coverage

    How Cloudflare uses lava lamps to encrypt the Internet

    Cloudflare's encryption secret? Gelatinous floating blobs.

    Watch out: GIBON enters the ransomware space

    The new ransomware strain is the latest to target your PC for cash.

    WordPress patches SQL injection bug in security release

    Webmasters should update immediately to prevent website takeovers.

      Editorial standards