Cases of document-based malware are steadily rising. 59 percent of all
malicious files detected in the first quarter of 2019 were
contained in documents.

Due to how work is done in today’s offices and workplaces,
companies are among those commonly affected by file-based attacks.
Since small to medium businesses (SMBs) usually lack the kind of
security that protects their larger counterparts, they have a
greater risk of being affected.

Falling victim to file-based malware can cause enormous problems
for SMBs. An attack can damage critical data stored in the
organization’s computers. Such loss can force a company to
temporarily halt operations, resulting in financial losses.

If a customer’s private and financial information is
compromised, the company may also face compliance inquiries and
lawsuits. Their reputations could also take a hit, discouraging
customers from doing business with them.

But despite these risks, SMBs still invest very
little^[2] in cybersecurity.
Fortunately, new and better solutions specifically focused on
file-based attack protection like malware disarming are emerging to
deal with file-based attacks. They’re becoming more accessible
too.

Security solutions provider odix^[3]
even recently received a 2
million euro grant^[4]
from the European Commission recently to bolster its move to bring
its technology to SMBs.

In the midst of rising threats, here are some ways on how SMBs
can mitigate file-based attacks.

1 – Disarming Malware

File-based attacks involve malware that is kept hidden in a
seemingly legitimate document. When a user opens the file, the
malware is activated.

Depending on the payload, the malware can destroy or steal data.
Many organizations continue to rely on antiviruses to deal with
these attacks.

However, hackers are now using more sophisticated polymorphic
malware that automatically changes to evade signature-based
detection employed by antiviruses.

Companies can also use air-gapped sandbox computers to scan and
test documents, but this often requires dedicated hardware and
personnel to manage.

Malware disarming is emerging to be the preferred way to prevent
file-based attacks. Unlike conventional as antiviruses and
sandboxes, such solutions can perform advanced scans that can
detect sophisticated malware.

But aside from merely scanning the files, the documents are then
sanitized, eliminating malicious codes. odix, for example, uses its
TrueCDR (content disarm and reconstruction) technology to ensures
that that the files are perfectly usable after cleanup.

2- Using Email with Strong Spam Filters

This year, 293 billion
business and consumer emails were sent and received per day on
average. This number is predicted to rise to 347 billion by the end
of 2023.

With this, spam continues to increasingly become an effective
cyberattack method. People clicked on links in 14.2 percent of spam
emails in 2018.

Work emails are just as exposed. Employees are likely to click
on spam email links and download and run potentially dangerous
attachments.

Some small businesses may rely on the free email accounts that
come with their website hosting packages. Unfortunately, such
accounts are often poorly-secured and do not have the necessary
security and filtering features that screen malicious emails.

To thwart these threats, companies can integrate stricter spam
filters that can safeguard all inboxes of the company by blocking
spam emails.

A more stringent measure is to adopt a solution like odix Mail.
It acts as a mail proxy for the company’s mail server. All
attachments contained in incoming emails are intercepted. These are
then scanned and sanitized using odix’s core engine. Once these
files are cleaned, they are reattached to the message and finally
sent to the intended recipient’s inbox.

3 – Being Wary of Removable Media

Flash drives, external webcams, and other USB peripherals can be
weaponized to infect a device or network.

However, employees tend to plug in media and devices without
much care, thinking that antiviruses can readily check for malware
via real-time security.

Unfortunately, hackers can cleverly disguise malware in these
removable media to evade standard scans. Weaponized USBs are also
used to breach even air-gapped systems.

SMBs can counter USB-based threats ensuring that no unauthorized
personnel can plug in USB peripherals to their computer system.
Network and operating system policies can be defined to withhold
privileges that allow the insertion of removable media on
workstations.

As an alternative, companies can use tools like odix’s Kiosk
product which is a dedicated file sanitation workstation where
users can insert their removable media.

The Kiosk acts as a gatekeeper to all files contained in USBs
and disc drives. These documents are examined and cleaned of
potential threats, ensuring that no malicious files from such media
ever get sent over the network. The sanitized files can then be
sent to the user’s email.

4 – Training Users to Avoid Phishing

Preventing file-based attacks also requires users to change their
mindset and behavior. This includes making sure that they don’t
fall for social engineering attacks like phishing.

Phishing is the fraudulent practice of sending deceptive emails
to extract personal and financial information from an unsuspecting
victim. The wide use of email has also made it one of the preferred
methods of cybercriminals.

Phishing emails are carefully crafted to imitate real
correspondence from trustworthy sources such as government offices,
HR, or financial institutions.

SMBs should provide proper training to their employees to teach
them to spot suspicious emails and links. Staff should also be
trained to always check any file downloaded online or from emails
for safety and legitimacy.

Having solutions like odix in place does help minimize the
potential exposure of companies since tasks such as checking
attachments and work documents are automatically performed. Still,
it pays to have employees with the proper knowledge on how to
safely and adequately use technology resources.

5 – Improving Access Control

Most SMBs use servers or cloud storage to keep and share files to
clients and employees from any device at any time. These can be a
cost-effective solution that also prevents sensitive data loss.

However, without appropriate security measures, these online
components may be exposed to attacks.

Users may use weak passwords for their accounts which hackers
can easily crack to gain access to these repositories. Not only can
they steal data, but they can also implant malware in the stored
documents to further spread malware.

To make sure that all accounts are made safe, companies can use
identity and access management (IAM) platforms. An IAM service can
authenticate employees and give them access to different
applications or files in the cloud. It also features multi-factor
authentication to provide additional security to protect from
unauthorized access.

Taking Security Seriously

Some SMBs assume that cyber criminals will only target big
corporations. But there’s no such thing as “too small” for hackers
these days. Cybercriminals like to target SMBs precisely because of
this mentality.

With 43
percent^[6] of cyberattacks targeted
at SMBs, it is only prudent for organizations to take cybersecurity
seriously. Enterprise providers like odix are now also expanding
their reach to SMBs, so modern solutions are already within
reach.

By equipping themselves with the necessary tools and training
their employees on how to protect themselves from cybersecurity
threats, SMBs are not only safeguarding their business but also
their customers and staff as well.

^[1][5]