My TechDecisions

IT Infrastructure, Network Security

How To Protect Against Macro-Based Malware

Macro-based malware, an attack that once fell out of favor with hackers is possibly resurging, according to experts.

Leave a Comment

Microsoft warns of macros-based malware
prima91/stock.adobe.com

Macro-based malware in Microsoft Office products has been around since the ‘90s. However, since users have learned to combat it, it fell off the radar with hackers. N-Able, a technology partner for managed service providers, reported it’s starting to see a resurgence of these attacks over the past few years — and they’re not the only ones.

Cybercriminals are using social engineering to convince users to turn on macros to allow their malware to run (i.e. Locky). Typically, macro malware is transmitted through phishing emails containing malicious attachments.

Read: SolarWinds Hackers Used A Microsoft Support Agent’s Tools In New Attacks, Microsoft Says

Microsoft first noted the resurgence of macro-based malware in Mach of 2020, releasing a new runtime defense against it.

Many organizations that have legacy files that use macros may be susceptible to this kind of attack, explained Tal Leibovich, head of threat research at Deep Instinct, at a presentation during DEFCON 29.

Macro-Based Malware Prevention Tips

IT should create a good detection engine that can spot the actual threats without generating false positives and noise, according to Leibovich.

Digital forensics expert, Aaron Card, recommends blocking all inbound macro-enabled and macro-embedded files from email or file transfer pathways.

“Any O365 organization can also set a group policy to ‘disable all macros,’ with or without notification to the user in case a file somehow slipped through the defenses, or someone was allowed to run a file from an external drive or media,” he told TechRepublic.

He also noted when selecting antivirus software, make sure the antivirus software can be configured to block the macros.

If your organization must use macros, Card recommends, “running all functionality and users in virtual desktop environments to greatly limit any spread or damage from macro malware that persists.”

IT managers must ensure staff members are properly trained when it comes to spotting phishing emails and social engineering tactics employed by cybercriminals. With the pandemic, many cybersecurity trainings may have fallen by the wayside.

Reader Interactions

Leave a Reply

Your email address will not be published.

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Uber Advanced Technologies Group Drives its Business Forward

The guiding principle for the new Uber meeting room redesign was “invisible comfort” to ensure that everyone could maximize productivity.

Windows 11
Blueprint Series: Upgrading to Windows 11

Upgrading end users to Windows 11 could be one of the most challenging tasks IT has to face in the coming years. Although the new version is touted...

The State of the IT Department in 2022

The role of the IT professional has shifted from one that supports the business to one that is deserving of a seat at the table when it comes to ma...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ