Acceptable use policies may also include language about only using company assets for company business to ensure that proper security and compliance safeguards are in place unless otherwise authorized. A good start is using least privilege policies to ensure that not everyone can install and run executables, especially not without approval. Nikkel adds, 'Organizations can look into tooling that performs file integrity management on system files, but the fixes might be even more straightforward. They may also not be keen on waiting for a solution from management, approval from the company's risk or compliance organization, or the IT help desk, unfortunately.' In my experience, it's likely the result of people simply downloading the first thing in search results to find a solution, such as a patch or freeware, that's needed to finish a project or to do their work. 'In fact, this likely dates back to the earliest peer-to-peer software days at the turn of the century.' Sean Nikkel, Senior Cyber Threat Intel Analyst at Digital Shadows, a San Francisco-based provider of digital risk protection solutions, says the technique of hosting malware disguised as legitimate software is not new.