How Small Businesses Can Prevent Malware Attacks
by Robert McNicholas on January, 23 2021
Preventing a Malware attack is much more than your free antivirus package included when you purchased your device. It’s a mindset. It’s being aware of the possibilities and vulnerabilities. Stopping malware requires shifting from detection to prevention.
Malware is becoming one of the biggest threats online and has been the culprit in some of the world’s largest cyber-attacks including the 2017 WannaCry attack that affected over 200,000 individuals across the world hitting 150 different countries.
Malware, short for malicious software, is typically installed on a computer when a user clicks on a link. By the user clicking the link, they unknowingly download a malicious attachment, or this prompts a rogue software program to open. Once installed, attackers can use the malware to spy on your online activities, steal personal and financial information or even use your device to hack other systems.
This form of cyber-attack has been extremely profitable. Cybercriminals are constantly developing new techniques, blending old and new variants to maximize damage.
Malware has many variants, with some being more harmful than others. Statistics state there are at least 230,000 new malware samples produced every day and each strain has its own unique way of infecting, capturing, and damaging computers. The most common forms of malware are...Ransomware
- The most common form of ransomware is by clicking a link within an email or opening a malicious attachment. Ransomware has been the top malware choice by cybercriminals. Ransomware is expected to cost the world upwards of $8 billion in damages. Ransomware is a type of malware that encrypts the victim’s data and blocks all access until a ransom is paid. The easiest and most common method of ransomware today is clicking a link within an email or opening a malicious attachment.
- A computer virus is a form of malicious software. Once activated, it will replicate itself from folder to folder, inputting its own code. A virus can spread like wildfire and will usually infect a system to steal personal and financial information, send spam or locking the system down.
- Adware is malware, less dangerous compared to those like ransomware, as adware doesn’t try to steal any data or information. It is more annoying, once the adware is downloaded it forces its victim to see ads they might prefer not to see. The ads can range from small banner ads to invasive pop-ups that cannot be closed down or moved aside.
- A trojan is a form of malware that looks to be a legitimate software but has malicious intent. A Trojan can disguise itself as a free update, game, or even an anti-virus program, this tricks the user into installing it onto their device. Once installed, the Trojan works silently in the background stealing sensitive data, installing a backdoor, or even worse.
- A worm is remarkably similar to a virus as it replicates itself within a system. But unlike the virus, a worm does not spread to other programs. After installation, the worm infects the device without alarming the user. Worms can replicate themselves hundreds of times, again and again, depleting the systems resources and damaging the device.
- Botnets are networks of corrupt devices that work as a team, all under the instruction of the cybercriminal. A bot is a computer, or software that has been infected with malware of some sort with intent to harm the user, without the user’s knowledge. Botnets can send out multitudes of spam, orchestrate phishing campaigns, or carry out Distributed Denial of Service (DDoS) attacks.
- This software installs itself on a device and monitors a victim’s online activity collecting all sorts of data such as passwords, financial information, and browsing activity. All of this information is captured unknowingly to the victim.
Prevention & Your Company
It’s exhausting trying to detect and defend your business from constant malware attacks. The best security measures eventually become outdated, making online IT security a constant task. Staying informed AND keeping your staff members informed will be the most important safety net you can have. Staying informed is just as crucial as having dependable security software. Educating your team about malware, how to decipher official emails from phishing scams and similar entities will ultimately keep your data safe and away from those planning your demise. At some point, bringing in professionals to take over or even just putting a second pair of eyes on your current attempts will yield useful.
Here’s a quick checklist to help you begin your Online Security venture. Review this internally monthly at a minimum, making sure nothing slips through the cracks.
- Have a clear inventory of your assets
- Use strong passwords.
- Install a browser add-on to block pop-ups
- Personalize your anti-spam settings
- Do NOT open attachments that look even slightly suspicious
- Do NOT give out personal information
- Make use of threat intelligence
- Think twice before clicking, always
- Educate your Users
- Use the Show File Extensions feature. This will help you detect misspellings of URLs
- I.e. www.go0gle.com
- Patch and keep your software up to date
- Instantly disable the web if you spot a suspicious process on your computer
- Only download from sites you trust
- Keep the Windows Firewall always on
- Adjust your security software to scan compressed or archived files
- Use strong spam filters and limit users
- Always enhance the security of your Microsoft Office apps
- Deactivate AutoPlay
- Stay away from unfamiliar media
- Make sure you disable file sharing
- Disable remote services if possible
- Remember to always turn off unused wireless connections, such as Bluetooth
- Block known malicious IP addresses
- Monitor the network for suspicious activity
Have you ever heard of Social Engineering?
Social engineering is another fairly common method of cyber infection. It is the art of manipulation at its best. It is normally an email pretending to be sent from a trusted source, such as your bank, your work, tech support scams, etc. These criminals have a knack for tricking the innocent browser. And in all honesty, it is naturally easier for the criminal to exploit the victim's instinct to trust, especially in times of need.
- Tech Support Pop-Ups. How to know what’s real and what’s not. Tech support scams are becoming more common now. They are found as pop-ups, from fictitious companies, offering to help you with a malware attack. How can you decipher if they're real or fake? A true security company would never market to you with a pop-up stating they believe your computer is infected. They also would never charge upfront to fix it either. If you already have security software that detects most malware, it will show a detection in the regular scanning of your device. It will NOT encourage you to call and pay anything to remove the infection, this is a scam. And that’s the bait.
- Read emails very carefully. Phishing is always going to be around for a long time and preys on those who purely don’t know any better.
Step 1 - Check the sender's address. Is this email from the actual company he/she claims to be associated with?
Step 2 - Is this a real URL and how can I tell? Hover over links provided in the email and it will show you the full URL.
Step 3 - Did you notice any grammatical errors, such as line breaks, misspelling, or extra spaces? Or sentences that sound foreign or miscommunicated? Reading the email with an eagle eye will help you detect the fraudsters.
Step 4 - Be informed of the proper channels each organization/company will typically use to contact you.
- I.e. The IRS will never contact you via email requesting payment.
- If you are ever in doubt, call whoever it is that is trying to contact you to verify authenticity.
Cybercriminals love pretending to be your bank via SMS/text message or even creating fake bank apps. Never confirm or give out any personal data or account numbers via text, especially social security numbers. Again, when in doubt, contact your financial institution directly.
- Cold callers are more dangerous than annoying. The old-fashioned way still seems to work. Some criminals will call you trying to get personal information over the phone pretending to be a trusted source, such as your bank. There have been reported cases of scammers calling their victims posing as Microsoft. It starts out by them stating they’ve “detected an infection” or “credit card fraud was found on their account”. If this is news to you or seems fishy from the start, ask questions. Do not give any personal information when asked to confirm or update your information, as this is them prying more and more information to use against you. Always ask who and where this person is calling from. Then call back using the trusted contact information.
Have you ever heard of an exploit kit? Sadly, not many have until it happens to them. These devious little things rummage around your device looking for any vulnerabilities within the system. These weaknesses can range from an unprotected operating system, software that hasn’t received on-time updates, or a device without proper browser security.
Three of the best ways to protect yourself from these creepy crawlers are...
- Update your operating system, browsers, and plugins. Program updates for your operating systems, browsers, and plugins are often released to patch any security vulnerabilities discovered. While you have not touched the program, or even remembered it was still installed on your device, cybercriminals can find their way in through the vulnerabilities.
- Enable click-to-play plugins. The most common “how” exploit kits (EKs) are delivered to your computer is through malvertising or malicious ads. You don’t even need to click on the ad to become infected. By keeping your software patched and updated, it blocks exploit kits from doing their dirty work. A click-to-play plugin can be enabled to help block exploit kits. Click-to-play plugins keep Flash or Java from running in the background. This feature makes you manually click the ad, making it harder for an exploit kit to grab hold of your data. The majority of malvertising relies on capitalizing on the plugins.
- Constantly remove software you don’t use (especially legacy programs). Microsoft will no longer release software patches for Windows XP as of 2015, and Windows 7 and 8 are only under extended support. Using them without support or the capability to patch will leave you open to exploit attacks.
Most importantly, Layer Your Security.
What does that mean exactly? Well, no matter the amount of safe and cautious browsing in the world can protect you from every new dirty technique these cybercriminals come out with. Sometimes you need a professional to cross the T’s and dot the I’s. Invest in yourself and your business and layering your security software by...
- Firewall, anti-malware, anti-ransomware, AND anti-exploit technology. A firewall can detect the basics and block some of the commonly known “bad guys”. But Malwarebytes products use multiple layers of protection to fight off even the most sophisticated attacks. These stop malware and ransomware infections in real-time and protect vulnerable programs from exploitation.
As a business, having a reliable backup program is the priority. This can be a life-or-death sentence for your business in the event of a malware attempt. Data backup is the final layer of defense. Finding the quickest restore data capability is your safest and should be your main priority. This feature will keep your data backed up and saved at an almost live rate.
“Security professionals agree a multi-layer approach—using not only multiple layers of security technology but also user awareness—helps keep you protected from the bad guys and your own mistakes.”
Malware attack prevention is possible. The majority of the preventable measures needed are simple tasks requiring minimal effort/funds. Remembering these can save you some headaches down the road.
Mental recap for your malware protection...
- Only use trusted antivirus from a reputable provider.
- Run your scans regularly.
- Never leave updates hanging, always update your devices & their software.
- Use security networks, proxies, and/or VPN's whenever possible.
- Don’t click every link or ad that comes through your email, some are BAD.
- Protect your usernames and passwords, these are all-access keys to your livelihood.
- Stay informed. Stay updated on the most recent/common threats and how best to prevent them.
By following the guidelines given, drastically drops your chances of becoming a victim.
Be the change and stop malware. Be proactive rather than reactive.