What is Malware & How To Protect Yourself From It
Adam Gleeson, Vendor Alliance Manager at CyberLab, discusses how malware is one of the biggest security threats to modern businesses and offers five easy steps to protect your business. He covers:
- What is Malware?
- The modern malware threat
- Five steps to protect against malware
October is cyber security awareness month. Protecting your business from malware can seem like a daunting task, with cyber criminals constantly upping their game and trying to infect as many devices as they can to make money.
It’s not all doom and gloom, there are steps you can take to make your business more cyber secure and defend against threats like malware.
What is Malware?
Malware, which is a short for “malicious software”, is an umbrella term for programs that cyber criminals use to try and gain access to their victim’s systems and data. Malware is a broad category, and can generally be broken down into some of the key types of malwares:
- Virus – you’ve probably heard of this one before, it’s the type of malware that can infect, delete, and corrupt your files.
- Worm – this pesky malware jumps from one device to another connected device, infecting them as it moves along.
- Trojan Horse – this malware disguises itself as legitimate software, so you might get tricked into downloading it, but it’s designed to act as a “backdoor” into your device for other malware to exploit.
- Adware – this malware displays advertisements (pop-ups) and more than just being an annoyance, can leave your system vulnerable to other types of malwares.
- Spyware – this malware tracks passwords, credit card information and any online behaviour.
- Rootkits – this type of malware is designed to allow privileged access to a computer or program without detection, meaning that the cyber criminal can act on your computer as if they are an administrator.
The Modern Malware Threat
Historically, malware sat within one of the above categories and were common threats that IT systems had to deal with. Today, whilst they do still exist, these types of software are very much the ancestors of modern cyber threats.
Cyber threats today make use of the mechanisms developed for these older threats but rather than them existing individually, they are far more sophisticated using one or more of these modus operandi; that is, modern threats may hide using the disguise of a trojan, they spread like a worm, they cause disruption like viruses, and they may lurk in the background hoping to catch a user or administrator inputting a password.
Their motivation has changed too, in many cases the historic malware had the primary intent of being a nuisance or causing disruption to the operation of an IT system or service and stopping there. The motives now are much purer. Cyber criminals want money. They use the disruption to blackmail or coerce businesses into handing it over. As a result, covert encryption of business data via ransomware is the most common threat facing any modern business.
This has been compounded in recent months by the widespread adoption of double-extortion tactics by ransomware gangs; whereby the disruption of encrypting company data is compounded by blackmail demands for further ransoms to be paid lest the attackers start releasing sensitive company data stolen prior to the data being encrypted.
Five Steps to Protect Against Malware
Traditional Antivirus (AV) uses a huge list of known malware to provide protection against. Historically, this was enough to keep your systems safe, but the problem is that today the cyber threat landscape changes so quickly that new threats emerge faster than these known malware lists can be updated. This means that at any time there is a good chance a user will encounter malware and the antivirus will not recognise it as such.
The recommended approach today is to utilise what are known as Next-Gen AV solutions, these solutions no longer rely on virus definitions but instead look at the behaviours that software exhibits – using AI and Machine Learning to looks for known malicious behaviour patterns, the Next-Gen AV can detect brand new malware with a very high degree of success and is therefore a key element for you to have in your defensive arsenal.
Administrator rights should be given sparingly, so cyber criminals have less chance of accessing accounts with the ability to do damage to your systems. Administrative accounts should be used only for that purpose, and users should have their own separate accounts for day-to-day work that don’t have access to administrative privileges.
With mobile devices, you should ensure that only approved downloads for mobile apps from manufacturer-approved stores like Google Play or the Apple Store. This minimises the risk of accidentally downloading malware.
Make sure that any device that has access to your business’ data is secured and controlled. Solutions such as Microsoft Endpoint Manager (EMM) or Sophos Mobile can help manage your mobile devices, control what data is available to your people and how that data is used.
Update your software
Keeping your software up to date is key. Software updates can bring new features, functionality and most importantly, security updates. Known vulnerabilities are often fixed in “patches” and if you don’t keep your software up to date, these known vulnerabilities can be exploited by cyber criminals.
When software reaches “end of life” this means it is no longer updated or supported by the developer. You should eliminate any unsupported software as it could leave your business vulnerable.
Running a vulnerability assessment is a great place to start for identifying systems and areas that could be leaving your business vulnerable, or if you’ve already started your cyber security process it could identify anything that has been forgotten or missed.
Control USB devices
USB devices are a useful way to transfer files. Unfortunately, they also pose a significant security risk. By creating an environment where USB devices are openly shared and used, all it takes is one user plugging in an infected USB to cause chaos for the whole business.
As a rule, it’s best to eliminate the use of USB devices where possible by blocking access to physical ports for most users and only allowing use where strictly necessary internally with an approval process.
Use a firewall
Firewalls are one of the simplest ways to protect your internal business network from the outside world (the internet). Firewalls act as the first line of defence against threats, creating a buffer zone and acting as a filtration system, scanning for threats, and refusing access to your network. Most operating systems have a basic firewall, so make sure it is switched on.
Security Consultation with an Expert
These five steps are just some of the ways that you can protect your business from malware. Cyber security is important for any business, so if you’d like to talk to a security expert about your business and how to keep it safe from cyber criminals get in touch for a free consultation.
Book Your Free 30-Minute Consultation
Our expert consultants are here to take the stress away from cyber security.
Whether you have a pressing question or big plans that need another pair of eyes, discuss it in a free 30-minute session an expert consultant.