CyberTalk

Check Point warns of PDF malware surge

EXECUTIVE SUMMARY:

In a startling discovery, Check Point Research has found that nearly 70% of all file-based email attacks worldwide now leverage malicious PDFs. This figure represents a 20% increase, year-over-year.

Such a sharp year-over-year spike indicates that cyber criminals perceive PDFs as an effective malware delivery mechanism — one that they will continue to employ until relevant threat prevention tools see widespread adoption.

PDF attacks

As Check Point security engineer Rudi van Rooyen explains it, PDF-based attacks exploit vulnerabilities in traditional, signature-based security scanners. Cyber criminals embed hidden content in PDFs and the content effectively bypasses security checks.

The healthcare industry has been particularly hard-hit by PDF-based threats and, given the operational damage that could occur and the lives that could be affected, the need for effective countermeasures is readily apparent.

AI-powered protection

To address this issue, Check Point has launched an AI-powered engine called Deep PDF. It utilizes deep learning algorithms to review all PDF content components.

Deep PDF examines:

Says Van Rooyen, Deep PDF technology is a component of Check Point’s ThreatCloud AI. It’s available to all Check Point customers; from small businesses to multi-national companies that leverage the complete security platform.

To analyze malicious PDFs, Check Point’s ThreatCloudAI not only utilizes the Deep PDF tool, but also deploys over 300 machine learning features to conduct a comprehensive analysis of a given email attachment and its payload.

Call to action for security leaders

The sharp spike in PDF-based malware indicates that security leaders need to take action. Flawed email security (signature-based defense) is no longer good enough.

To stay ahead of attachment-focused adversaries, organizations need to proactively embrace AI/ML-driven threat prevention.

Partner with industry leading security providers, like Check Point, to obtain cutting-edge technologies that can effectively detect and prevent the most sophisticated of malware-based attacks.

Key takeaways for security leaders

For technical information concerning PDF-based threats, please visit the Check Point Research website. For more malware-related insights, please see CyberTalk.org’s past coverage.

Lastly, to receive thought leadership insights, groundbreaking research and emerging threat analyses each week, subscribe to the CyberTalk.org newsletter.

 

Exit mobile version