The Australian Cyber Security Centre (ACSC) has recommended businesses Configure Microsoft Office Macro Settings to minimise the risk of cyber-attacks. Hackers can use macro viruses, or malicious macros, to infiltrate a computer network and run malicious code (malware). Macros enter a network via Microsoft Office documents downloaded online, via emails or via infected files transferred from one computer network to another.
Whilst programs have the option to disable all macros, Microsoft macros are designed to automate repetitive tasks in Microsoft Office programs; specifically, Excel and Word. This means many businesses rely on macros to operate efficiently on a daily basis.
Smart configuration of macros is therefore key to ensuring businesses minimise risk, whilst maximising productivity. Configuration of Microsoft Office Macro Settings is included in our Cybersecurity Management Systems (CSMS) packages from the SILVER level up.
Macros are microprograms written in Visual Basic for Applications (VBA) which are designed to support repetitive tasks in Microsoft Office programs, particularly Excel and Word. Macros are created by recording or storing input sequences, such as mouse strokes or keyboard presses, to form a set of instructions for a program. When the user wants to implement the string of instructions, they can simply run the macro rather than creating the same long list of instructions again and again.
Unfortunately, malicious macros operate in the same way as trusted macros. As macros are microprograms, malicious macros can open and automatically run a string of instructions which have been developed by a hacker. This may include telling your computer to embed the malicious macro into other files, send emails to all your contacts with the malicious macro attached, or run a ransomware program on your system.
Macros can only run if they are opened in an associated program; such as Excel or Word. Therefore, configuring Microsoft Office macro settings is vital to reducing the risk of macro viruses. Configuration needs to be undertaken on a business by business case. For businesses that rarely use Excel and Word, they may consider completely disabling all macros and blocking any new macros from starting. However, for many businesses, macros create efficient processes and are required to produce daily work.
Our SILVER and higher CSMS Packages can support smart macro configuration to reduce the risk of malicious macros.
Configuring Microsoft Office Macro Settings is one of the ACSC’s four strategies to prevent malware delivery and execution. Infected Microsoft Office documents (such as Word .DOC or Excel .XLM) attached to emails are the primary source of malicious macros attacking businesses. In fact, macro viruses are one of the most common forms of cyber-attacks. Here are our top five reasons for Configuring Microsoft Office Macro Settings to stop malicious macros.
Configuring macro settings differs for all businesses. There are many factors to consider, with the core factor being: how much does your company rely on macros? Unfortunately, many employees and managers don’t know the extent of this answer.
There is a range of approaches to macro-management, from disabling all macros to implementing a case by case file management which puts the user in charge of which macros to enable or not. Our approach is to undertake advanced configuration via enabling digitally signed macros to enable common/known macros to undertake their daily operations and block any unknown macros from running. Our central management of this system ensures that any new trusted macros are also allowed to run. This improves the general day to day hassle of determining which macros are safe and which are viruses.
Our Microsoft Office Macro Setting Configuration services are included in all our CSMS packages from SILVER higher.
Get in touch with our friendly team, we can provide you with all of the information you need to make the best decision for your business.Contact Us