There are a number of documents used in the business setting. These include resumes in the Human Resources Department, budgets in in Finance, and budget costs for projects. These documents have a commonality in their functionality. Years ago, and recently resurfacing, an attack was envisioned and implemented. Office documents include the function of macros, which by design were intended to assist the user. These began to be included to complete malicious acts by third parties. These were exceptionally useful for the attacks to the point where the macro functionality was turned off by default. As time passed, this attack passed out of vogue, as it became ineffective, but started to be used again as this function was used more frequently.
Another form of a document likewise used throughout the business is the PDF. This commonly is used to form a document from another form, e.g. a Word document, or other documents are scanned as a PDF. This is used without hesitation as these are seen in virtually every single office. Although seemingly mundane, this well-used type of document is still weaponized and used against targets. This has been used extensively due to the ease of use with engineering the malware. In addition, the users are receiving these regularly, which has assisted in the acceptance and usage without applying a sense of security to receive the source of this (e.g. which person was sending the email containing the PDF).
The users should, through various training opportunities, learnt o still be vigilant, even with PDFs. The users should still monitor who the emails are from.
About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.
Share on Facebook
Share on Twitter
I'm busy working on my blog posts. Watch this space!