In January 2021 the FBI partnered with global law enforcement agencies and private companies to take down the Emotet malware. However, just eleven months later Emotet attacks began again. This destructive malware family continues to evolve, emphasizing the need for organizations to prioritize cyber security in the new year.
Emotet first emerged in 2014 as a simple banking trojan. Since then, it has evolved into one of the most dangerous botnet operations in the threat landscape. Two years ago, a combined effort of law enforcement and cyber security experts from around the world celebrated its demise. But Emotet re-appeared after months, stronger than ever.
Emotet attacks use phishing campaigns to trick organizations into infecting themselves with malicious software. Typically, the phishing emails include attached Microsoft files that contain dangerous macros. When executed, the macros spread the Emotet infection throughout a network of connected devices, creating a robot network or “botnet.”
Attackers can then control the botnet remotely. For instance, they may use the infected devices to launch a distributed denial of service (DDoS) attack. Botnets can also be used to generate fake website traffic, mine cryptocurrency and steal information. And criminals may rent a botnet to other bad actors as part of a malware-as-a-service scheme.
In the latest versions of Emotet, phishing emails include Excel templates with instructions on bypassing Microsoft’s Protected View. The malicious code inserted by infected files has also evolved to make it more difficult to detect.
Organizations should take deliberate steps to reduce the risk of a successful attack. For instance, since Emotet typically uses macros in attached Microsoft Office files, companies should consider disabling macros unless they are signed.
Additionally, Emotet and other malware families commonly use email as a delivery device. Consequently, organizations should periodically review and update their email filters. And they should conduct regular security awareness training and phishing simulations. End users may prove the most important defense.
Continuous monitoring of network activity will also prove critical to catching infections early. With automated 24×7 monitoring, organizations can spot and address potential issues before they cause damage.
While Emotet poses significant danger, it represents just one of the cyber security threats facing organizations in 2023. For instance, security experts warn of the following:
Additional factors complicate the cyber security landscape. With tensions increasing both abroad and at home, cyber crime has become a weapon of war. For instance, wiperware attacks have increased dramatically since war erupted in the Ukraine. Also, the explosion of connected devices, combined with continued remote work, drastically expands the attack surface.
Organizations cannot afford to leave critical digital assets under-protected. At the same time, the economic downturn and the cyber security skills gap make it difficult for companies to mount an effective defense. Partnering with cyber security experts can help.
eMazzanti provides a full range of cyber security services, from risk assessments and penetration testing to continuous monitoring and email defense. Our consultants will work with your organization to tailor a security strategy to your needs and budget.
Think of all the devices accessing your network, from laptops and PCs to tablets and…
Penetration testing, the process of simulating cyberattacks to identify vulnerabilities, plays an essential role in…
Carl Mazzanti is the president of eMazzanti Technologies in Hoboken. Is your organization trying to…
Migrating to the cloud delivers undeniable business benefits. But it also opens the door to…
Carl Mazzanti is the president of eMazzanti Technologies in Hoboken. One of our clients —…
With the new Microsoft Planner joining the Microsoft 365 universe this year, users are taking…