The possibility of a malware infection is a reality for everyone who owns a computing device, in one way or another. From ransomware to spyware and Trojans, individuals and organizations are plagued by persistent hackers who deploy malware constantly. With the rise of advanced persistent threats over the past few years, malware has become an even more serious topic. Increasingly, hackers have figured out how to customize all types of malware in order to fly under the radar of signature-based detection platforms – thus avoiding detection much more frequently than before. Additionally, the lazier hackers who do not customize have launched attacks at a much more frequent rate, hoping that even just a few of their victims will have out-of-date anti-malware software.
Hackers know that they need just one successful attack in order to gain entry into individuals’ and organizations’ networks. The odds are in their favor, as many security strategies have vulnerabilities that can easily be exploited. Doesn’t this paint a pretty bleak picture for all of us? As alarming as it sounds, fortunately there are numerous ways we can close the gap with malware, and utilize protection and breach-detection methods that actually work.
1 - Never click on or open e-mail from someone you do not know, or follow links in such messages.
Phishing has become one of the most prevalent ways cybercriminals gain entry into our systems. By either sending you a link to malware, or using phishing as a method to gather information on you (e.g. your usernames, passwords, etc.), attackers know that even if just a few people fall for phishing attacks, they can break into your organization’s entire network and wreak havoc.
2 - Keep malware protection up to date; this includes updated signature definitions on your devices and network.
Regular malware protection updates. Sounds simple, right? All too often, IT server administrators and users alike delay updating malware protection on network and endpoint devices, thus opening the door for new malware. Simply by pushing automatic updates to devices, malware attacks can be cut down significantly, as many of the attacks you receive involve new signatures that could be prevented by updates.
3 - Educate yourself on current malware trends that are prevalent today via Google search and security sites such as Dark Reading, The Register, SANS and of course the TitanHQ blog.
In larger organizations, threat management involves the practice of researching new threats and looking for potential vulnerabilities in their systems proactively. While this is much more difficult on an individual level, by simply staying up-to-date on the latest attacks, users will be much less likely to fall for the attack methods used by hackers. For instance, if you know the latest attack involves emails containing a specific subject line, you won’t open that email in the event you receive it.
4 - Protect mobile devices with security software and policies.
No, your iPhone is not invincible just because you’ve never had an attack before – that you know of. Regardless of what mobile device platform you use, hackers are targeting tablets and phones at an increasing rate; it is just a matter of time before major mobile device hacks hit the news. There are great security features on your phone that you may not be aware of – such as multi-factor authentication, device encryption, and the ability to remotely wipe your device. While these all protect your devices in the event they are stolen, they also protect them from malware if you fall victim to an attack. All security settings on your phone are built to ward off hackers and protect your information, keeping you safe in the event malware is successfully downloaded on your devices.
5 - Keep your devices’ OS, firmware and apps updated regularly.
Just as you need to update your anti-malware software, you also need to keep your phone system software and applications up-to-date. This will protect against the latest threats and vulnerabilities that hackers are hunting for. All providers offer frequent platform updates, some of which run in the background and others which you must authorize. Unless a new OS is released (version 1.0 can always be buggy and vulnerable!), it is always advised to update as soon as a release becomes available.
6 - Be careful when installing any FREE software – especially games – as these products often have adware and malware built into their installers.
Any free software you download poses a great threat to your systems, which in turn threatens your organization or your home network as a whole. Always, always, always know who the software provider is before downloading software. Want a way to check to make sure your download isn’t corrupted? Many software providers will post the MD5 hash, also called a checksum, on their websites. This code should match the MD5 hash of the software you’ve downloaded from their website (which can be checked locally on your computer after installation). If the codes do not align, delete that software immediately.
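The checksum comparison described above, as an added example that is not part of the original article; the function names and the sample file are constructed for illustration. It goes beyond MD5 and also accepts SHA-1 and SHA-256 values, picking the algorithm from the length of the published digest.

```python
import hashlib
import hmac
import os
import tempfile

# Hex digest length -> algorithm. MD5 catches corruption but is collision-prone,
# so prefer the SHA-256 value when the vendor publishes one.
ALGO_BY_HEX_LEN = {32: "md5", 40: "sha1", 64: "sha256"}

def parse_published(line):
    """Return (algorithm, digest) from '<hex digest>  filename' or a bare digest."""
    fields = line.strip().split()
    if not fields:
        raise ValueError("empty checksum line")
    digest = fields[0].lower()
    algo = ALGO_BY_HEX_LEN.get(len(digest))
    if algo is None or any(c not in "0123456789abcdef" for c in digest):
        raise ValueError("not an MD5/SHA-1/SHA-256 hex digest")
    return algo, digest

def file_digest(path, algo):
    """Hash the file in 1 MiB chunks so large installers are not loaded whole."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def verify_download(path, published_line):
    """True only if the file's digest equals the published one."""
    algo, expected = parse_published(published_line)
    return hmac.compare_digest(file_digest(path, algo), expected)

def demo():
    """Constructed sample: a stand-in installer file and published checksums."""
    data = b"constructed sample installer bytes\n"
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(data)
    try:
        md5_line = hashlib.md5(data).hexdigest() + "  setup.exe"
        sha256_line = hashlib.sha256(data).hexdigest().upper()
        wrong_line = hashlib.md5(data + b"tampered").hexdigest()
        return [verify_download(tmp.name, line)
                for line in (md5_line, sha256_line, wrong_line)]
    finally:
        os.remove(tmp.name)
```

Copy the published value from the vendor's own site over HTTPS rather than from the same mirror that served the file, since a checksum hosted next to a tampered download can be replaced along with it.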
7 - If using external drives to access content, programs etc., always use devices with security software before using or opening any content.
USBs and external hard drives can easily house malware that can infect any computer they touch. Oftentimes, anti-malware software on your computer will inspect the external device prior to allowing it access to your systems. Without this scan, the USB can quietly inject malware into your systems in the background – without you ever knowing the device was infected in the first place.
8 - Scan your devices on a regular basis using current security software.
In larger organizations your IT administrators will handle server and endpoint device scanning on a regular basis to protect systems. But for all personal or standalone systems, it is best practice to utilize anti-malware software to scan your computers and devices at least once every month to check for malicious software that landed on your systems without prior detection.
9 - Secure your home or business network’s Wi-Fi and physical network using VLANs and a good firewall.
Almost all home routers come with a built-in firewall; but is it good enough? You don’t necessarily need to buy a firewall device in order to protect home systems. Many vendors offer endpoint firewalls which allow users to configure specific rulesets to add increased protection. Businesses of course are required to take the next step in security. Web and Wi-Fi filtering is critical in order to protect valuable information.
10 - Keep your sensitive information in a digitally secure place protected by encryption and strong passwords.
It is entirely common in this day and age to have all of your sensitive information stored on your computers. Social security numbers, account numbers, credit cards – you name it, it is stored on phones, laptops, etc. How exactly can we protect this information if malware gets on our systems? Fortunately, our devices can encrypt this data and require authorization from anyone who tries to access it. Strong passwords, multi-factor authentication, and biometrics are all fantastic ways to strengthen your device security. Furthermore, many applications allow for containerization, essentially firewalling each application off from the rest of your computer or mobile device. What does this achieve? By walling off each application, if one portion of your system falls victim to malware, it will be contained only in that small area, unable to spread to the rest of your applications.
11 - Lastly, have reliable backup.
The worst has happened – your systems are infected with malware or ransomware, and you’ve experienced some form of data loss or system disruption. To stop the infection and contain the attack, sometimes the best way out is to wipe systems or revert to an earlier point in time before your systems fell under attack. Backups are vital to protecting your networks and computing systems, and they are able to restore your systems up to any point in time which you specify. For instance, if you perform nightly backups, you can restore your system to just one day back – minimizing your data loss and disruption.