What strategies should organisations follow to block malware attachments which continue to account for two-thirds of malware infections that result in data breaches?
Malware is very frequently delivered by email. The trusty attachment has served criminals well and, given that we are clearly still opening them, they seem happy to continue their use.
Part of malware distribution is found in the increasing use of other web-enabled systems and devices, such as air conditioning management or hospital imaging systems. A business with only an email system or standard corporate network to consider will most likely limit change management and training to that area. This is not the case for most, however, and even security systems can be used to malware payload infection.
If we consider the recent ransomware outbreak that affected the NHS, we can see this in action, as many systems compromised were not computers as such but were things like imaging systems, which were using legacy platforms. But the question here was related to email attachments and so, naturally, we need to start with people.