Essential 8 – Macros

Macros are a significant cybersecurity risk for Australian businesses. They are a common tool for cybercriminals to exploit in phishing attacks, and they can cause significant damage if left unchecked.

However, there are several steps businesses can take to reduce the risk of macro-based attacks, such as disabling macros or using Microsoft’s Office 365 ATP service.

Securing macros is one of the Essential Eight risk mitigation strategies developed by the ACSC. By implementing these strategies, businesses can reduce their risk of cyber attacks and protect their sensitive data and operations from harm.


This article is part of our series on the Essential Eight risk mitigation strategies.

In case you missed Parts 1, 2 and 3, you can review them here:

Part 1: What is the Essential Eight and why should I care?

Part 2: Application Control

Part 3: Patching of Operating Systems & Applications


Macros are small programs or scripts that are embedded in documents such as Microsoft Office files, PDFs, and emails. They are intended to automate repetitive tasks, but they can also be used for malicious purposes. Macros have become a common tool for cybercriminals to exploit, and Australian businesses are not immune to the risks they pose.

One of the most common ways macros are used in cyber attacks is through phishing emails. These emails often contain an attachment or link that, when clicked, downloads a document with a malicious macro embedded in it. When the document is opened, the macro executes and can infect the victim’s computer with malware, steal sensitive data, or launch a ransomware attack.

A recent example of a macro-based attack in Australia was the Mailto ransomware attack that hit Toll Group, a large logistics company, in 2020. The attack used a macro-enabled document in a phishing email to gain access to the company’s network and deploy the ransomware. The attack caused widespread disruption to Toll Group’s operations and cost the company millions of dollars in damages.

To reduce the risk of macro-based attacks, businesses can take several steps. Macros can be disabled altogether or configured to only allow macros from trusted sources.
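
The PowerShell script below audits the two options described above for Word, Excel and PowerPoint. It is an added example, not from the original article. It assumes Office 2016 or later (the `16.0` policy key) with settings delivered through the per-user Group Policy registry path, and it treats "digitally signed macros only" as the trusted-sources option.

```powershell
# Added example: audit Office macro policy for the current user.
# Assumption: Office 2016+ (16.0) and per-user Group Policy registry settings.
$base = 'HKCU:\Software\Policies\Microsoft\Office\16.0'
$apps = 'Word', 'Excel', 'PowerPoint'

# Meaning of the VBAWarnings policy value.
$vbaMeaning = @{
    1 = 'Enable all macros'
    2 = 'Disable all macros with notification'
    3 = 'Disable all macros except digitally signed macros'
    4 = 'Disable all macros without notification'
}

function Get-MacroPolicy {
    param([string]$App)
    $key   = Join-Path $base "$App\Security"
    # A missing key means no policy is configured; $props is then $null.
    $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    $vba   = $props.VBAWarnings
    $blockInternet = $props.blockcontentexecutionfrominternet

    $findings = @()
    if ($null -eq $vba) {
        $findings += 'VBAWarnings not set by policy; users can change macro settings'
    } elseif ($vba -lt 3) {
        # 1 runs everything; 2 lets the user click "Enable Content".
        $findings += "VBAWarnings=$vba lets users run unsigned macros"
    }
    if ($blockInternet -ne 1) {
        $findings += 'Macros in files from the internet are not blocked by policy'
    }

    [pscustomobject]@{
        App                 = $App
        VBAWarnings         = if ($null -eq $vba) { 'not configured' } else { $vbaMeaning[[int]$vba] }
        BlockInternetMacros = ($blockInternet -eq 1)
        Findings            = $findings -join '; '
    }
}

$apps | ForEach-Object { Get-MacroPolicy -App $_ } | Format-List
```

An empty `Findings` field means the application is set to signed-only or fully disabled macros and blocks macros in files downloaded from the internet.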

Microsoft also offers several tools that can help reduce the risk of macro-based attacks, such as the Office 365 Advanced Threat Protection (ATP) service. This service includes features such as Safe Attachments and Safe Links, which can detect and block malicious macros and other threats in real time.

The team at Dynamic Business Technologies help businesses to continuously improve their security posture using the Essential Eight risk mitigation strategies developed by the Australian Cyber Security Centre (ACSC).

Our team can work with you to assess your current security posture and develop a roadmap for implementing the Essential Eight strategies. We can also provide ongoing monitoring and management services to ensure that businesses stay up-to-date with the latest threats and vulnerabilities and are continuously improving their security posture.

To find out more, reach out to our team TODAY

For more information on the Essential Eight go to https://www.cyber.gov.au/acsc/view-all-content/publications/essential-eight-explained
