When was the last time you reviewed your IT security? Chances are, not recently enough… Security is utterly paramount in today’s world in the battle against malware, whether you’re a global organisation, a small company or even an individual. Whilst different measures are appropriate in different situations, we all need to take action, be aware and know the signs of a potential threat. Over 20 million zero-day viruses were released onto the internet in 2012 alone… so even with the strongest protection – can any of us really be safe?
Before the internet existed, and even in its early stages, IT security and malware were phrases uncommon to the masses. Today, words such as “virus” are most commonly associated with a computer problem and not something you go and see a doctor about. Anti-virus software, trojans and spyware are all well-known today, not just among IT professionals but among all computer users. Why is this? Sadly it’s because we’ve all had to hear about them on the news, through the grapevine or through first-hand experience of dealing with them.
The question is: Are we doing enough to protect against malware? Before we begin to answer that question it’s important to understand that nothing is ever quite good enough. Draw your attention to the aforementioned statistic about zero-day viruses. For those of you unaware of what this means, zero-day viruses are new strains of a virus for which no anti-virus patch has previously been built. 20 million is a staggering number – that’s one for every 3 people living in the UK.
Anti-virus programs are like flu-jabs – they immunize you against known threats, but whilst they can protect against predicted common trends and cover exposed areas of weakness, sometimes a virus still gets through the protection.
The difficulty in knowing if we’re doing “enough” must first be addressed by understanding the areas of risk. Malware comprises many things – viruses, trojans, worms, adware and scareware to name but a few. We recommend reading our article on the differences between these.
People commonly think that installing anti-malware software such as Sophos, Symantec or Norton will solve all problems and safe internet usage can commence – but this is only part of the story. Whilst you “get what you pay for” in terms of protection software, most purchased tools (as opposed to free ones) will offer a similar level of service and are paramount in preparation for browsing the web. Larger organisations that might become victims of a targeted attack will need more sophisticated measures, but for smaller firms and individuals, something such as Sophos, Norton, Symantec or Kaspersky will be adequate.
Passwords are another area for concern – too simple and hackers will easily enter your private accounts and cause havoc – some will use your account to search for bank details, commit identity fraud or simply further propagate a virus. Extreme cases of Hotmail hacking have seen users have their entire accounts transferred to another online service. However, whether your password is for online email, banking or your computer at work – it needs to have reasonable complexity to fool spammers, but not be so complex that users need to write it down – the ultimate in security breaches!
It is understood from those in the cyber security industry that passwords shorter than 15 characters can be hacked within minutes, given the right tools – 16 characters and above requires a deeper level of complexity. Contrary to popular belief, passwords using capital letters, numbers or symbols are no more secure than those that don’t. The exception to this is when the body offering a login to something doesn’t allow anything other than lowercase letters – this reduces the number of password combinations considerably.
It isn’t just passwords and software that will save the day – rigorously configured hardware firewalls (that sit between your router and internet connection) can block out things such as Denial of Service (DoS) attacks, which bombard a computer or server with access requests until the computer either logs in or crashes, needing manual intervention. Firewalls also protect against less commonly-used communication ports – some will block all but ports 80 and 443 (HTTP and HTTPS respectively).
Then of course there’s user education – learning to identify the risks users pose to themselves and anyone else on their network is hugely important. When checking emails, browsing the web or using social media, users need to be aware. All it takes is for an uneducated user to click a seemingly innocent link in an email which turns out to be malicious, or to fall victim to a pop-up fraud insisting the user click the pop-up to remove a virus, when in fact it installs one. User education must not be overlooked, because links sent through the continually targeted mediums of email and social media might not be preventable by anti-malware software.
Of course, it’s not just the internet that can spread viruses – peripherals such as USB drives can carry dangerous malware such as worms. Worms cause widespread digital devastation to computer networks and have been known to eat away at shared drives, deleting and corrupting files and active backups. Companies should make sure that only encrypted external hard drives are accepted on a network.
Some websites are more of a threat than others. Hotmail, Gmail, Facebook and Twitter are four of the ‘hot’ targets for malicious software makers. The reason for this is their enormous user numbers. It’s a chance for hackers and the like to spam as many people as possible – using automated scripts to send malicious emails to billions of potential accounts. Social media in its own right, just like personal email accounts, is not threatening to computer security other than through its vulnerability to attacks like this.
Of course, whilst smaller, less-assuming businesses are not often victims of specific attacks, large companies can be. Recent examples include Visa, MasterCard and Greenpeace, all of which have had their websites brought down by hackers, either replaced with a political message or taken down by hackers appointed by competitors or those with a conflict of interest. This is something incredibly hard to protect against, but there are measures such as complex encryption, multi-factor authentication methods (using something you have and something you know) and complex firewalls.
The bottom line is “do what you reasonably can” within a budget, time frame and scope. There is little point in a small single-office company putting in measures more extreme than the White House, but equally it’s very important to protect against reasonable threats. Unfortunately other than unplugging the internet cable, there is only so much we can do – the important thing is: Do them!