Malware attacks and data thefts are on the rise, as is evident from recent news
headlines. The mere use of antivirus software no longer serves the purpose. The reason
is that antivirus programs block attacks by using patterns or signatures to identify
malicious software code. This signature-based detection was successful when
threats were fewer and spread out over time. Relying entirely on antivirus
solutions will not serve the purpose now because your system is exposed to threats in
routine situations.
The whitepaper published by John Metzger, Senior Product Marketing Manager, and
Jonathan Shaw, Product Manager at Sophos, highlights eight everyday threats for which
we need to extend the protection of our PCs beyond a traditional antivirus program. Let us
look at them and understand their implications:
1. The zero-day threat
Zero-day threats are malware threats that are not recognized because they do not
match earlier threats. As per the research report, “Zero-day threats can also
exploit zero-day vulnerabilities, or previously unknown security deficiencies that
software vendors have not yet patched.” In March 2011, unknown attackers launched
a zero-day attack on RSA, infiltrating its servers and stealing sensitive
information.
Preventive measure:
Run a security scan on a regular basis to detect and remove the latest threats.
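The gap between signature matching and behavior-based detection can be seen in a small sketch. This is an added example, not code from the whitepaper; the byte strings, sandbox traces, action names, weights and threshold are all constructed for illustration.

```python
import hashlib

# Constructed, harmless byte strings standing in for files on disk.
KNOWN_SAMPLE = b"\x4d\x5aSAMPLE-A payload=alpha build=1001"
NEW_VARIANT = b"\x4d\x5aSAMPLE-A payload=bravo build=1002"  # never seen before
CLEAN_FILE = b"\x4d\x5aNOTEPAD-LIKE editor build=77"

# A signature set can only contain what analysts have already seen.
HASH_SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}
BYTE_PATTERNS = [b"payload=alpha"]

def signature_scan(data: bytes) -> bool:
    """True if the file matches a known hash or a known byte pattern."""
    if hashlib.sha256(data).hexdigest() in HASH_SIGNATURES:
        return True
    return any(pattern in data for pattern in BYTE_PATTERNS)

# Constructed sandbox traces: what each file did while being observed.
SUSPICIOUS = ["unpacks_code_in_memory", "writes_autostart_entry",
              "contacts_unlisted_host"]
TRACES = {
    "known": SUSPICIOUS,
    "variant": SUSPICIOUS,  # different bytes, same actions
    "clean": ["opens_user_document", "writes_user_document"],
}
# Hypothetical weights; behaviour rules score actions, not file contents.
WEIGHTS = {"unpacks_code_in_memory": 3, "writes_autostart_entry": 3,
           "contacts_unlisted_host": 2}
ALERT_THRESHOLD = 5

def behaviour_scan(actions) -> bool:
    """True if the combined weight of observed actions reaches the threshold."""
    return sum(WEIGHTS.get(action, 0) for action in actions) >= ALERT_THRESHOLD

def compare() -> dict:
    """Map each file to (signature verdict, behaviour verdict)."""
    files = {"known": KNOWN_SAMPLE, "variant": NEW_VARIANT, "clean": CLEAN_FILE}
    return {name: (signature_scan(data), behaviour_scan(TRACES[name]))
            for name, data in files.items()}

if __name__ == "__main__":
    for name, verdicts in compare().items():
        print(name, verdicts)
```

The unseen variant passes the signature scan but is still flagged by the behavior rules, while the clean file passes both.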
2. Working outside the firewall
The workplace has become mobile and gives employees the opportunity to
access their mail from outside, be it airports, hotels, cafes, or home. This access has
created an unsecured network. Cyber criminals can exploit such vulnerable networks to
push malicious software and spam through the Conficker worm.
Preventive measure:
Keep your operating system up-to-date by installing the latest patches.
3. The unpatched PC
As per the whitepaper, “One small unpatched vulnerability in an application, browser or
operating system can lead to huge problems.” Hackers invade such unpatched
computers with Conficker worms and instruct infected PCs to transmit valuable
information like financial account credentials.
Preventive measure:
Download and install all the latest patches on your computer. According to a Gartner
report, “90% of successful attacks against software vulnerabilities could have been
prevented with an existing patch or configuration setting.”
4. The uncontrolled application
Many of our favorite personal applications, like instant messaging (IM), social networking
sites, peer-to-peer (P2P) clients, voice over IP (VoIP) and games, bring unacceptable
risk or performance issues. As per the research, in 2010, the U.S. Federal Trade
Commission sent letters to almost 100 organizations whose personal information,
including sensitive data about customers and employees, had leaked onto P2P
networks.
Preventive measure:
You can deny permission to install unwanted applications.
5. Web insecurity
One may visit inappropriate sites, knowingly or unknowingly. These sites often
redirect to sites hosting fake antivirus programs, also known as scareware. Infection
can even spread from a compromised reputable site through browser plug-ins.
Preventive measure:
Use a URL filtering mechanism to block sites known to host malware, such as porn,
hate, and gaming sites.
6. The lost laptop
The difficult part of losing a laptop is recovering the exposed information. In a study
conducted for Intel in 2009, it was found that a single lost or stolen laptop could cost
approximately $50,000 to its owner.
Preventive measure:
Use data encryption on all laptops and removable storage devices.
7. Misdirected e-mail
A single typo can send your important documents and confidential data to the wrong
e-mail address. Criminals can exploit this information to commit identity theft.
Preventive measure:
You can ensure that files are encrypted before they are sent by e-mail so as to
prevent any damage. You can also use data loss prevention software to warn the
recipient user or block the file transfer.
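A pre-send check of the kind a data loss prevention tool performs might look like the following. This is an added example, not taken from the whitepaper or any product; the trusted domains, sensitive-data patterns, function names and the edit-distance threshold of 2 are assumptions chosen for illustration.

```python
import re

# Constructed policy data; a real deployment would load its own lists.
TRUSTED_DOMAINS = {"example.com", "partner.example"}
SENSITIVE_PATTERNS = [
    re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),            # SSN-like number
    re.compile(r"\bconfidential\b", re.IGNORECASE),  # document marking
]

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_outgoing(recipients, attachments):
    """attachments: list of (name, content_bytes, is_encrypted).
    Returns (verdict, reasons); verdict is 'allow', 'warn' or 'block'."""
    verdict, reasons, external = "allow", [], False
    for addr in recipients:
        domain = addr.rsplit("@", 1)[-1].lower()
        if domain in TRUSTED_DOMAINS:
            continue
        external = True
        # A domain one or two edits away from a trusted one is likely a typo.
        lookalikes = sorted(d for d in TRUSTED_DOMAINS
                            if edit_distance(domain, d) <= 2)
        if lookalikes:
            verdict = "warn"
            reasons.append(f"{addr}: domain is a near miss of {lookalikes[0]}")
    for name, content, is_encrypted in attachments:
        if is_encrypted or not external:
            continue
        text = content.decode("utf-8", errors="ignore")
        if any(p.search(text) for p in SENSITIVE_PATTERNS):
            verdict = "block"
            reasons.append(f"{name}: unencrypted sensitive data to an outside address")
    return verdict, reasons

if __name__ == "__main__":
    # Constructed message: transposed letters in the recipient's domain.
    print(check_outgoing(["alice@exmaple.com"],
                         [("payroll.txt", b"SSN 123-45-6789", False)]))
```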
8. The infected USB device
USB devices bypass your computer’s firewall protection and can be a source of
malicious software.
Preventive measure:
Verify the authenticity of thumb drives and CDs before using them. Such removable
media may be contaminated with malware. You can also use software that allows
read-only access to such devices.
Conclusion
The best defense is to use an endpoint protection solution that provides multiple layers of
protection, including live antivirus, behavior-based detection, web protection, application
control, patch assessment, network access control, data encryption, data loss
prevention, and device control.