Banks Increasingly Must Battle Ransomware, Fileless Attacks | eWeek

Good Tools Increasingly Used in Fileless Attacks, Carbon Black Finds

1088_ToolsFilelessAttack
May 31, 2018
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More


Good Tools Increasingly Used in Fileless Attacks, Carbon Black Finds

Good Tools Increasingly Used in Fileless Attacks, Carbon Black Finds

Banks are among the most targeted industry verticals by cyber-criminals and with good reason—banks are literally where the money is. Security firm Carbon Black released a report on May 22 that provides insights into how hackers are going after banks. The “Modern Bank Heists: Cyberattacks & Lateral Movement in the Financial Sector” report surveyed a select group of 40 chief information security officers (CISOs) at major global financial institutions. Among the top findings in the study is that so-called “good tools” including PowerShell are increasingly being used in non-malware, or “fileless,” attacks. Ransomware is also a challenge, with 90 percent of financial institutions reporting being targeted by ransomware in 2017. In this slide show, eWEEK looks at some of the highlights from Carbon Black’s Modern Bank Heists report.


Attackers Using Good Tools for Fileless Attacks

Attackers Using Good Tools for Fileless Attacks

According to Carbon Black, non-malware, or fileless, attacks now account for more than 50 percent of successful breaches. Among the top tools used for fileless attacks are “good tools” that are intended to be used by developers for legitimate purposes. The most often abused good tool, according to the survey’s respondents, is PowerShell, followed by Windows Management Instrumentation (WMI).


Ransomware Is Rampant

Ransomware Is Rampant

Ninety percent of the financial institutions surveyed by Carbon Black reported being targeted by ransomware in 2017.


Not All Banks Do Threat Hunting

Not All Banks Do Threat Hunting

With threat hunting, cyber-security professionals actively seek out potential risks within an organization, rather than just waiting for perimeter defenses to identify threats. Thirty-seven percent of financial institutions in the Carbon Black survey reported that they have established threat hunting teams.


Advertisement

Attackers Countering Incident Response Efforts

Attackers Countering Incident Response Efforts

Bank hackers aren’t just sitting idly by as financial institutions respond to threats. One quarter of survey respondents reported that attackers adapted and reacted to defender actions with counter incident response efforts.


Destructive Attacks Take Aim at Banks

Destructive Attacks Take Aim at Banks

While ransomware attacks aim to yield a direct financial gain for hackers, Carbon Black found that some attackers have destructive aims. One in 10 respondents reported their financial institutions encountered destructive attacks that included wipers and cryptoware that does not demand ransom.


Supply Chain Risks Are a Concern

Supply Chain Risks Are a Concern

Looking beyond just direct attacks, 44 percent of respondents to the Carbon Black survey reported that they are concerned with the security posture of their supply chain and technology service providers.


Russia-phobia

Russia-phobia

Attacks can come from anywhere in the world, but when asked which country’s cyber-hacking activities are of most concern, the majority of CISOs surveyed by Carbon Black said Russia.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.