Malware

Malware is a generic term used to refer to any virus or program that infects your computer. If a phishing email is the delivery mechanism, malware is the actual attack. There are many different types of malware.

Viruses – Viruses are a form of self-replicating malware that attack and spread on your device or network. Viruses often hide within downloadable files. When those files are downloaded, the virus springs into action and replicates quickly.

Trojans – Trojans are files that appear to be legitimate, but in fact, contain malicious code. Unlike viruses, trojans do not self-replicate. Instead, they rely on tricking people into sending them directly to their next target.

Ransomware – Ransomware works by encrypting as much data on your network as possible. The hacker promises to give you the decryption key after the ransom is paid. We’ll look more closely at ransomware in the next section.

 AdWare – Adware is software installed on your device that serves unwanted and intrusive ads. It often manifests as frequent popups that are very difficult to navigate away from.

Spyware – This type of malware tracks a user’s activity on their device. Keystroke loggers are the most common spyware programs. By tracking your keystrokes, criminals can steal your IP addresses, personal data, usernames, and passwords.

Your IT Team’s Malware Defense

Whether you’re utilizing Microsoft Windows or another operating system, you can protect your business against malware attacks by:

• Using robust endpoint protection software that identifies and blocks known malware. For businesses, we recommend upgrading from an antivirus solution to a more modern EDR or XDR solution.
• Ensuring all software is up to date. Malware often exploits vulnerabilities. Newer versions patch these vulnerabilities, but older versions are still susceptible to attack. Older versions of software without security patches are susceptible.
• Installing a Next Generation Firewall on your network. NGFWs are constantly updated to prevent the latest malware from infecting your network.
• Training users not to download files from unknown sources. Educate them on the signs of infection so they can report unusual activity to IT.

Ransomware

Ransomware is a type of malware, but it is so costly that it deserves special attention. Unlike other forms of cyberattacks that steal data, ransomware is designed to steal money.

A ransomware attack follows these general steps:

1. Ransomware makes its way onto your network, often through a phishing email or malicious website.
2. The malware will either immediately begin encrypting files, or it will lay dormant for weeks before attacking. The delay makes it more difficult to recover from a recent backup.
3. After encrypting your data, the hacker sends a message demanding payment to decrypt your data.
4. Once paid off, the hacker may decrypt your data or might demand even greater payments.

Your IT Team’s Ransomware Defense

In addition to the malware tips above, you should also:

• Create a strong backup and disaster recovery strategy. With the right plan and backup tech, you can restore your environment to a state before the infection.
• Practice good data segmentation to limit the impact of a successful ransomware attack.
• Consider investing in a scanner for your operating system.
• Educate employees about the seriousness of ransomware. Protecting the company from major financial losses is a shared responsibility across the entire organization.

Social Engineering

Social engineering uses human psychology to trick employees into granting unauthorized access or divulging sensitive information. This attack happens in person and online. Hackers know just what to say and how to look to get what they want.

Consider this example – A hacker learns you use LeeShanok as your IT provider by talking to your company at a tradeshow. The hacker creates a custom shirt and business cards with the LeeShanok logo. They visit your site and tell the receptionist they’re here to work on your server.

They are escorted back to your server room and no one bats an eye. The hacker knew exactly what to say and how to look to get access.

Other examples of social engineering attacks include:

• Spoofing a phishing email to make it look like a sensitive request from your CEO.
• An unknown friend connecting with you on LinkedIn or other social media to get more information on you and your company
• Compromising a trusted vendor’s email address and asking for sensitive information while pretending to be the vendor.

Your IT Team’s Social Engineering Defense

Social engineering can take attacks outside of the digital world. It’s still IT’s responsibility to defend against social engineering.

• Be conscious of your business’s online presence; ensure that no confidential data is being posted to social media.
• Strengthen your human firewall by teaching your employees how to detect social engineering attempts.
• Have clear sensitive data policies and appropriate labels on confidential documents. This will make it harder for employees to remove sensitive data, either accidentally or maliciously.
• Consider the use of ethical hacking tools. An ethical hacking tool is an authorized attempt to gain unauthorized access to a computer system, application, or data in order to bolster security in the future. The best ethical hacking tools involve duplicating strategies and actions of malicious attackers.

How to Make these Hacker’s Tools Useless

Hackers are always evolving their attacks. This means our defenses must evolve as well. Beyond the technology, there’s one common thread that will help keep you safe no matter what: Education.

Cybersecurity training will protect you from the human error that’s common in almost all attacks. Check out our events page for our upcoming cybersecurity awareness trainings!