Series: Password Protected Files Filtering; Threats, Gaps, Challenges

 

Popular password protected files can be as simple as Microsoft Office files (Word, Excel, PowerPoint), PDF, or Archive files (.zip, .7zip, .rar). The risks are clear, in these popular files security threats can be significant. We are talking about Macro in Microsoft Office files, Script in PDF files, executable files in Archive files.

The moment the end user opens the password protected file with the known password, the internal threat is exposed. In most of the cases the internal threat (such as Macro, Script, ActiveX) will be executed automatically as part of the file opening process, without the user even being aware, or the ability to stop it.

There are many ways to receive password protected files, the most popular way to transmit them is as an Email attachment.

The passwords for these files can reach the user in many ways: Email (beside the attachment, or separately), mobile SMS, Chat.

Part of the challenge of filtering the files includes the fact that passwords are generally private to the user and can arrive in various ways, while the passwords are unknown the system administrators and unknown the common security systems at the gateways(including: Anti-Virus, Mail-Gateway/Relay, Sandbox, Firewall) which will simply forward the password protected files containing the threats, without any real filtering their content before they are received by the users.

A real file filtering solution such as YazamTech’s SelectorIT, provides a professional response, starting from blocking password protected files which can’t be really filtered, and continue to the more sophisticated solution of filtering the internal content of these files while the protected passwords are supplied by the users in real time as part of the filtering process.

To read more about SelectorIT please see https://yazamtech.com/selectorit/