Anti-Virus – Do we still need it or is it doomed?

With the advancements in technology the threat landscape is evolving too.

Malicious software is becoming harder to detect and remove – it is also starting to affect a wider range of devices because of the ‘Internet of Things’. There has been some cases that advance malicious software can even bypass the anti-virus software by changing its code!

In some ways there is truth behind what Brian Dye, senior vice president of Symantec famously said a few months ago ‘Antivirus is dead’ and it is ‘doomed to failure’ because Anti-Virus relies on a signature database to block out malicious behaviours so, if a particular piece of malicious code has never been seen before – you will probably be a victim to it.

However AV is not completely doomed as Eugene Kaspersky quite rightly said, it is still ‘very much alive and kicking’ because as threats evolved so has the traditional AV. It is about choosing a product that has a database that is continuously updated and have a good feature set.

Many vendors are now reinventing AV and changing it to ‘Endpoint Security’ which offers a wider range of features from your standard things like Anti-Virus, Anti-Spyware and Anti-Malware but, include features like application control, mobile device security, encryption and rule-based system behaviour blocking.

However security has become more complex and just because AV or ‘Endpoint Security’ has more features, we cannot just relying on it to be the sole system defences, it is not viable anymore. It will not provide an adequate level of protection for a modern day complex network.

Networks have developed into complex environments with multiple layers and a range of devices connected so, a layered approach to network security is key because it helps protect the different level within the infrastructure.

AV should just be seen as the first line of defence only, its aim is to protect users from things like spam emails, malicious attachments and websites. Occasionally some will get through but this approach is more secure and safer. Always keep in mind there is no 100% defence against the malicious cyber-attacks because the variables are always changing. Continuously network monitoring is also key to catching any abnormal behaviour.

For more information on network security please feel free to contact us on 0845 603 5552 or info@netshield.eu

Advertisements

Netshield Anti-Virus service – powered by BitDefender

Anti-Virus software is a necessary evil – it can take valuable time and energy to deploy, update and manage and they are not all the same! Netshield Anti-Virus is a comprehensive solution that acts as your first line of defence against malicious software.

Check out the video below for a quick summary…

Malware – The Potential Horrific Consequences

In the Kaspersky Security Bulletin it suggests Corporations are increasingly falling victim to Cybercrime, a whopping 91% of those surveyed by Kaspersky Lab and B2B International  fell victim to a cyber-attack at least once in the last 12 months. The top causes included Viruses, Malware, Spam and Phishing – in 2013 alone Kaspersky Lab products detected almost 3 billion malware attacks on user computers!

Spam and Phishing is certainly not a new concept but, the emails sent are becoming more sophisticated, they are adopting an appearance of something that the recipient is familiar with – appear like it is from a delivery company, social media, stores etc.

Spam can just be a simple form of electronic junk but, it can also be malicious spam with the purpose of either make money, obtain sensitive information or spread malicious codes – like CyptoLocker, which surfaced in 2013, it would encrypt the victim’s data and sell it back to them for monetary gains. It is a Trojan Ransomware distributed through a series of phishing campaigns. The emails imitated well-known delivery companies and financial institution preying, on our trust of these companies and our curiosity to see what the attachment is about. It effected over 12,000 victims within one week and to this day there are still stories of CyptoLocker causing chaos and victims paying to obtain decryption keys for their own data.

The sophistication of spam, malware and phishing attacks is not just limited to emails being sent through a computer – but, in January it was found 750,000 spam emails were sent from compromised smart fridges!

However these fridges were not infected using traditional methods like a Trojan Horse but, most of them have been ‘simply left open, so existing software running on them can be used by attackers’ said a spokesperson for Proofpoint who made the discovery. It would be interesting to know, how many people have smart fridges and how many people would buy one?

The US retailer ‘Target’ would be one of the recent examples of how malware can cause horrific consequences. Target’s point-of-sale (POS) system was infected with malware, causing as many as ‘40 million credit and debit card details and 70 million customers’ personal details being stolen in a cyber-attack!

This POS malware attack has caused financial losses, decrease in brand reputation and consumer confidence. In a recent press release issued by Target due to the attacks they had to reviewed their forecasts, predicting a 2% – 6% decrease in sales for this quarter and whether it is directly related to the data breach or not, Target also stated there will be store closures in May.

Target’s incident shows being a victim can have an impact on profits, consumer confidence and brand reputation. A malware breach on this scale is not something that a company can recover from overnight and it can potentially have long-term implications but, only the coming months will reveal the true scale of the consequences for Target.

The consequences of being victims of spam, malware, viruses and phishing is never a good one. In general the motive is simple – cybercriminals want to obtain business data and make money! So, be vigilant and make sure your systems are protected.

To discuss methods of protection against malicious software contact us today.

CryptoLocker – The New Kid on the Block for Trojan Ransomware

Cryptolocker Trojan Ransomware

Watchout for Cryptolocker! It claimed over 10,000 victims within a week.

CryptoLockerA new variant of Trojan Ransomware has recently appeared in the world of cybercrime; but, it is not just a typical piece of RansomWare

When it infects a system it would encrypt your data using a strong cryptography and the cybercriminals will hold the users’ data hostage until a ransom is paid. The users are usually infected by an email with an attach .exe file and when opened, it will execute scripts to encrypt all the users’ data. It has been reported the ransom demands are for either $300 US dollars or Bitcoins. However,  there is no guarantee the decryption of the data will occur after the ransom is paid.

CryptoLocker is spreading fast in phishing campaigns and it has been reported it can be sent as a fake delivery notification or an email from a financial institution.

According to Kaspersky’s Costin Raiu the primary target for this Trojan Ransomware is ‘US and UK, with India, Canada, Australia and France being second-tier targets’ and the National Crime Agency (NCA) in a recent BBC article said ‘Small to medium businesses seem to be the target’ and there are ‘significant risks’.

Protect yourself

It is important to have anti-virus protection in general but with over 10,000 people falling victim to CryptoLocker within a week, it further highlights the need to have a good level of IT security in place. But this is usually not the case, as anti-virus is often considered after one becomes a victim.

From a B2B perspective it is always suggested to have a layered approach to IT security i.e. having a firewall, anti-virus, endpoint security, email security products to limit inbound email threats. From personal use perspective having anti-virus in place is essential.

Email Security products such as NetMail will help protect users’ from this type of trojan by blocking .exe files as a rule. However, CryptoLocker can also infect systems via physical media, websites etc so, anti-virus and malware detectors are essential, to help create a strong defence to keep those criminals off your devices and networks.

So be extra careful and do not open those .exe files unless you know exactly who it is from.

Contact us today to find out more about IT Security and how we can help protect your business.  

Take control with Endpoint Security

An IT network may have a Next Generation Firewall(s) in place to help keep out the malicious attacks but, it is advisable to have a layered approach to IT network security, like adding a layer of endpoint security.

Similar to Next Generation Firewalls, ‘Endpoint Security’ is an enhancement of traditional anti-virus as it is an all-in-one security suite where it will protect user devices (endpoints) on the network from viruses, worms, malware and offer security enforcement features and much, much more. Whereas anti-virus is designed simply too detect and destroy viruses and worms.

Why Endpoint? I hear you ask – Advances in technology has led to the changes in the corporate network demands i.e. increase usage of social media and employees working remotely, through the internet or different devices. So, it is becoming a critical element for corporations because it offers that extra layer of security by protecting the end-user devices and offer more control for the IT administrators to the IT network.

Some of the Advantages of Endpoint Security:-

  • Provides Security and Protection for devices
  • Central Management Control Console
  • Ability to Set and Enforce Security Policies
  • Web Content Control
  • Application Control
  • Email Protection and Encryption
  • Mobile Security
  • Anti-Virus and Malware
  • Etc.

But, you need to keep in mind ‘Endpoint Security suites’ features will vary depending on the brand. So, businesses need to decide which are the most important features and evaluate the different Endpoint offerings before deployment.

For advise on Endpoint Security Suites, contact us today.