Fileless Attacks Reinforce the Need for Multiple Methods of Detection [infographic]

fileless attacks

Fileless attacks are not new, but they are becoming more prominent, according to a report by the Poneman Institute. It’s a reminder that while signature detection is a fundamental necessity in cybersecurity, it’s not enough for an enterprise to rely on a single method of threat detection.

Fileless attacks are especially elusive because they can launch from memory rather than from an executable file. Since traditional signature detection works by matching attributes – signatures – found in files, the fileless attack can evade that method of detection. It’s an emerging risk because many enterprises rely on signature detection to protect endpoints.

According to the study, 54% of respondents said adversaries had compromised endpoints within their organization over the 12 months. Of those attacks, about three-quarters (77%) said the vector of attack was fileless.

The survey attributes the cost of such attacks at a little more than $5 million. That value is fairly consistent with previous Poneman estimates around the cost of a breach – $3.62 million when considering global figures and $7.35 million when averaging the cost of just U.S.-based breaches.

Earlier this year, we published a write up about this study – Study on Fileless Attacks Underscores Risk of Over-Reliance on Endpoint Security – on the Bricata blog. It has earned enough interest that we thought it useful to transform into a graphical format and add it to our library of security infographics.

Fileless Attacks Infographic

If you enjoyed this post, you might also like:
Illustrating the Cybersecurity Alert Deluge [infographic]

Back to Blog


Bricata Included as a Representative Vendor in a new Market Guide for Intrusion Detection and Prevention Systems by Gartner, Inc.
“IDS is still a widely deployed use case. Despite claims of IDS being dead, it is alive and well, and in use by a large percentage of Gartner clients,” wrote Gartner analysts.
+ +