BIGFISH TECHNOLOGY LIMITED
04 June 2024

Check Point warns of a PDF malware increase

Check Point Research found that approximately 70% of all file-based email attacks worldwide now use malicious PDFs. This figure reflects a 20% increase year over year.

Such a strong year-over-year increase suggests that cyber criminals consider PDFs a viable malware distribution channel, one they will continue to use until applicable threat protection measures are widely deployed.

 

PDF attacks

According to Check Point security engineer Rudi van Rooyen, PDF-based attacks exploit flaws in standard signature-based security scanners. Cybercriminals embed concealed content in PDFs, which effectively evades security measures.

The healthcare industry has been hit particularly hard by PDF-based attacks, and given the potential operational damage and the human lives at stake, the need for effective defenses is clear.

 

AI-powered protection
To address this issue, Check Point created Deep PDF, an AI-powered engine. It uses deep learning techniques to examine every component of a PDF's content.

Deep PDF examines:

  • The internal structure of PDFs
  • Embedded images and their placement
  • Embedded URLs and their context within the document
  • Raw content in the PDF

According to Van Rooyen, Deep PDF technology is a component of Check Point ThreatCloud AI. It is available to all Check Point clients, from small businesses to multinational corporations that use the entire security platform.

Check Point's ThreatCloud AI analyzes malicious PDFs using not only the Deep PDF engine but also more than 300 machine learning features, giving a thorough analysis of an email attachment and its payload.

Call to action for security leaders
The rapid increase in PDF-based malware suggests that security leaders should take action. Inadequate email security, meaning signature-based defense, is no longer acceptable.

To stay ahead of attachment-focused adversaries, enterprises must proactively embrace AI/ML-driven threat prevention.

Partner with industry leaders in security, such as Check Point, to gain cutting-edge solutions capable of detecting and preventing even the most complex malware-based attacks.

 

Key takeaways for security leaders

  • Leverage AI-powered technology, such as Deep PDF, to improve your organization's cyber security posture.
  • Implement frequent cyber security awareness training for employees. Discuss PDF-based attacks, how to handle a possibly malicious PDF, and what to do if a dubious file is unintentionally downloaded or viewed.
  • Ensure that your organization has a detailed incident response plan. Provide specific methods for containing and minimizing cyber security events. Regularly test and adapt the plan to account for new threats, such as PDF-based malware.
  • Collaborate across sectors and with security providers to provide stabilizing resources and assistance.

Source: CyberTalk.Org