

Ep. 34 Weaponized Files and Federal Security
In today’s interview, Darin Curtis from Menlo Security gives an overview of how to protect against these kinds of threats. To describe this new category, he uses a curious acronym: HEAT, for Highly Evasive Adaptive Threats.
Malicious actors leave no stone unturned in finding creative ways to attack federal technology. We all know that the perimeter has been breached and we must rely on Zero Trust Architecture.
The next level of attack is to attack the word “trust” itself.
Traditionally, file formats like PDFs have been viewed as unbreakable. When most people get an email from a colleague with a PDF file, they would normally trust it. This is also true with Excel or Word documents that are transferred on a normal business day.
Today, these files can have malicious code injected into them.
Another approach is to take advantage of that “trust” in HTML code. Some malicious actors disguise malware inside HTML code, a technique called HTML Smuggling. This time, instead of a PDF in an email, it may be a seemingly innocent link. This is made possible by HTML5’s download capability.
During the interview, Darrin reinforces the concept that compliance does not ensure an agency is secure. Some studies show ransomware is one of the biggest single threats to government networks; the delivery mechanism can include these HEAT files.
If this interview piques your interest in Menlo Security, then you can download the free report titled “Modernizing Secure Access Through Zero Trust.”