You might live to regret opening that Microsoft Office document
Hackers seizing on trust placed in popular Microsoft Office software
For many of us, it's impossible to avoid Microsoft Office, such is its popularity among businesses - and cybercriminals are using this pervasiveness to their advantage.
According to analysis from security firm SonicWall, the number of malicious Office documents in circulation has skyrocketed since the turn of the year, totaling more than 70,000 - an increase of 176% over H1 2019.
The firm also observed an increase in sophistication among malware campaigns based on Microsoft Office. One new Excel malware in particular was found to contain facilities that allowed it to evade signature-based security software and hinder attempts at analysis.
- Check out our list of the best productivity software around
- Here's our list of the best malware removal services out there
- We've built a list of the best ransomware protection software available
“Threats are becoming more evasive and more nefarious, particularly those leveraging PDF and Office files,” the report notes.
“Cybercriminals are too sophisticated to use known malware variants, so they’re reimagining and rewriting malware to defeat security controls like traditional sandboxing techniques - and it’s working.”
Threat landscape
While malicious Office documents appear to pose an increasingly acute threat, this attack-type is but one of many faced by security teams today.
According to SonicWall, ransomware attacks are also on the rise, with 121.4 million attacks registered since the turn of the year - an increase of 20%. The potency of this kind of attack was emphasized this week, with fitness giant Garmin finding itself on the end of a ransomware attack that crippled its systems, causing a multi-day outage.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Cryptojacking cyberattacks are also said to have rebounded after a fall in 2019, with a huge increase of 252% in the US this year, while phishing remains an ever-present threat.
Security risk has also been amplified in recent months by the rise of remote working, brought about by the coronavirus pandemic, which has seen an unprecedented volume of employees operating outside the traditional security perimeter.
“This latest cyber threat data shows that cybercriminals continue to morph their tactics to sway the odds in their favor during uncertain times,” said Bill Conner, SonicWall President and CEO.
“With everyone more remote and mobile than ever before, businesses are highly exposed and the cybercriminal industry is very aware of that. It’s imperative that organizations move away from makeshift or traditional security strategies and realize this new business normal is no longer new.”
- Here's our list of the best antivirus services on the market
Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He's responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.