Secure MS Macros

Prevent macro viruses whilst maintaining efficiencies by Securing Microsoft Office Macro Settings.

Secure Microsoft
Office Macros

The Australian Cyber Security Centre (ACSC) has recommended businesses Secure MS Macros, also known as Configuring Microsoft Office Macro Settings, to minimise the risk of cyber attacks. Hackers can use macro viruses, or malicious macros, to infiltrate a computer network and run malicious code (malware). Macros enter a network via Microsoft Office documents which have been downloaded online, attached to emails or via infected files transferred from one computer network to another.

Whilst programs have the option to disable all macros, Microsoft macros are designed to automate repetitive tasks in Microsoft Office programs; specifically, Excel and Word. This means many businesses rely on macros to operate efficiently on a daily basis.

Smart configuration of macros is therefore key to ensuring businesses minimise risk, whilst maximising productivity. Securing MS Macros is included in our Cyber Security Management System (CSMS).

What is Securing Microsoft Office Macros?

Macros are micro-programs written in Visual Basic for Applications (VBA) which are designed to support repetitive tasks in Microsoft Office programs, particularly Excel and Word.

Macros are created by recording or storing input sequences, such as mouse strokes or keyboard presses, to form a set of instructions for a program. When the user wants to implement the string of instructions, they can simply run the macro rather than creating the same long list of instructions again and again.

Unfortunately, malicious macros operate in the same way as trusted macros. As macros are microprograms, malicious macros can open and automatically run a string of instructions which have been developed by a hacker. This may include telling your computer to embed the malicious macro into other files, send emails to all your contacts with the malicious macro attached, or run a ransomware program on your system.

Macros can only run if they are opened in an associated program; such as Excel or Word. Therefore, securing macros via configuring Microsoft Office macro settings is vital to reducing the risk of macro viruses. Configuration needs to be undertaken on a business by business case. For businesses that rarely use Excel and Word, they may consider completely disabling all macros and blocking any new macros from starting. However, for many businesses, macros create efficient processes and are required to produce daily work. A key barrier to establishing a control for applications is it can be incredibly time-consuming in identifying all the trusted applications you wish your computer to run.

Our CSMS enables smart macro configuration to reduce the risk of malicious macros.

Benefits of

Securing MS Macros

Securing MS Macros, via configuring Microsoft Office macro settings, is one of the ACSC’s four strategies to prevent malware delivery and execution. Infected Microsoft Office documents (such as Word .DOC or Excel .XLM) attached to emails are the primary source of malicious macros attacking businesses. Macro viruses are one of the most common forms of cyber attacks. Here are our top five reasons for Securing MS Macros.

Five reasons to
Secure MS Macros

photo
PREVENT MACRO VIRUSES
Securing macros dramatically increases protection from macro viruses (malicious macros). A core issue is that malicious macros are malicious microprograms which can ultimately run any function the creator has instructed. The key is to stop the macro running, even if someone accidentally clicks on a dangerous email.
photo
SAFEGUARD EMPLOYEES
Macro viruses are often the result of someone clicking on a malicious email or downloading an infected file online. Often this mistake is innocent, however, if a company does not have appropriate macro settings, the malicious macro can cause grave companywide damage. Yet the macro can also cause damage to the user, such as sending emails from their inbox or creating and deleting files or images. Further, the macro can find personal information, resulting in individual extortion. Configuration of macro settings can prevent both business and personal exposure.
photo
PROTECT CLIENTS AND CONTACTS
A key tactic of active malicious macros is to instruct Microsoft Outlook to send an email to a large number of contacts, with the malicious macro attached. This means that if a macro virus gets onto your system, your clients and contacts could also be at risk.
photo
REDUCE DOWNTIME
Once installed onto a computer, macro viruses not only run dangerous microprograms on a computer, but they also cause a mass slowdown of systems. This may occur before the user even knows they have been hacked.
photo
MINIMISE THE RISK OF PHISHING EMAILS
‘Phishing’ scams are when hackers use email, spam or fake websites to convince the victim to give them personal information such as passwords and credit card details. Phishing emails often look like they are from trusted organisations, such as banks, government bodies or Australia Post. The email appears real and will ask the user to download an attachment; which is ultimately a malicious macro. Whilst securing macros will not stop phishing emails, it will prevent the macro from running on the computer in the case the email is accidentally opened.

Implementing a Strategy to Secure MS Macros

Securing and configuring macro settings differs for all businesses. There are many factors to consider, with the core factor being: how much does your company rely on macros? Unfortunately, many employees and managers don’t know the extent of this answer.

There is a range of approaches to macro-management, from disabling all macros to implementing case by case file management which puts the user in charge of which macros to enable or not. Our approach is to undertake advanced configuration via enabling digitally signed macros to enable common/known macros to undertake their daily operations and block any unknown macros from running. Our central management of this system ensures that any new trusted macros are also allowed to run. This improves the general day to day hassle of determining which macros are safe and which are viruses.
Our service to secure your MS macros is included in our CSMS.