Organized cyber criminals, state-sponsored hackers and other bad actors intent on industrial espionage use executable apps and highly sophisticated malware that can bypass normal types of cyber-protection.
They’ve devised a dizzying array of fake apps disguised as legitimate apps to sneak into corporate networks and exfiltrate data. Users download these unauthorized apps to their devices when they don’t have the right software to do their jobs. These are often productivity tools such as PDF mergers and splitters, calculators, video capture and editing tools, and others. Users also download insecure apps for personal use, such as video chatting, calendars, media downloading, file transfer, faxing, etc. Once the apps are launched, they can collect and steal sensitive data in the background without being noticed.
People also get infected without knowing they’re even installing malicious software. They click a link, which downloads and installs malware without their knowledge. In other cases, people click email attachments, which unleash hidden malware. And in some particularly pernicious attacks, someone downloads a file such as a Word document with macros that trigger PowerShell to run malicious code.
A good multilayered endpoint security solution helps detect and block many malicious apps and advanced malware, but by itself can’t always detect and block surreptitious data theft. For example, stealthy malicious software such as Infostealer trojans, once installed, establishes backdoors to gather confidential information from compromised computers and send it to predetermined locations. The malware can stay dormant on an endpoint until the attacker slowly exfiltrates data using a command-and-control connection.