Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Malware Analysis
4 steps for SMBs to protect against malware attacks
Message
<blockquote data-quote="omidomi" data-source="post: 846490" data-attributes="member: 20716"><p><span style="font-size: 18px"><strong>Cybersecurity threats from malware continue to be a significant risk for organisations large and small.</strong></span></p><p>The headline-grabbing, sophisticated attacks of the past couple of years have showcased companies’ vulnerability to threats, and these attacks are only becoming more common. </p><p>According to a report, <a href="https://eur03.safelinks.protection.outlook.com/?url=https%253A%252F%252Fwww.beaming.co.uk%252Fcyber-reports%252Fcyber-threat-report-q3-2019%252F&data=02%257C01%257Czacharyh%2540whiteoaks.co.uk%257C16e08ee5c9d14b7e483408d769c2e53b%257C7a109dbbbc1e4db2a56e6e23bef17d6f%257C0%257C0%257C637094158127903194&sdata=n3gEtGk4aJ1npB8vVnR4CfZnWon%252FRIPeuYmkozW3BoI%253D&reserved=0" target="_blank">businesses in the UK</a> faced an average of 157,528 attempted cyberattacks in the third quarter of this year- an increase of 243 per cent from the same period last year. Almost half a million unique IP addresses were used to launch online cyber attacks on UK businesses during that period, with IoT devices and file sharing devices among the most targeted applications, the report stated.</p><p><a href="https://eur03.safelinks.protection.outlook.com/?url=https%253A%252F%252Fwww.gartner.com%252Fsmarterwithgartner%252Fhow-to-address-threats-in-todays-security-landscape%252F&data=02%257C01%257Czacharyh%2540whiteoaks.co.uk%257C16e08ee5c9d14b7e483408d769c2e53b%257C7a109dbbbc1e4db2a56e6e23bef17d6f%257C0%257C0%257C637094158127903194&sdata=K91mF4was9tjkuM3IotY4ll1GVtZiBIP2PF84AFZSP4%253D&reserved=0" target="_blank">Gartner predicted</a> that the majority of exploited vulnerabilities in organisations through 2020 will be the ones that security and IT professionals have known about for at least a year. Despite the constant threat of cyberattacks, ManageEngine’s <a href="https://eur03.safelinks.protection.outlook.com/?url=https%253A%252F%252Fwww.manageengine.com%252Fnews%252Ftwelve-percent-uk-enterprises-detect-anomalous-activity-it-networks.html&data=02%257C01%257Czacharyh%2540whiteoaks.co.uk%257C16e08ee5c9d14b7e483408d769c2e53b%257C7a109dbbbc1e4db2a56e6e23bef17d6f%257C0%257C0%257C637094158127903194&sdata=aOrgUZZ1%252BHRg97Wfpkg8BxIcJDtQqJumzy8LfbUghys%253D&reserved=0" target="_blank">State of IT in the UK 2019</a> survey has found that a majority (31 percent) of SMB respondents consider high costs as the main barrier to securing additional resources for better IT security. </p><p>However, SMBs can protect themselves from the mounting risks and consequences of a security breach by applying some basic security controls. The following steps can be effective in securing the organisation from attacks. </p><p><span style="font-size: 18px"><strong><strong>Maintain a hardware and software inventory to help thwart threats from shadow IT</strong></strong></span></p><p>Unknown software risks, prohibited software, and unsecured network devices can enable an attacker to sneak in. Security threats are also posed by shadow IT, which includes the systems, software, or applications regularly used by employees without the knowledge of management or the IT teams. Having visibility into network software and remote network devices will provide a layer of protection to the network. Additionally, creating customised configurations for network hardware and software can help mitigate attacks.</p><p>[SPOILER="Full Story"]</p><p></p><p><span style="font-size: 18px"><strong>Cybersecurity threats from malware continue to be a significant risk for organisations large and small.</strong></span></p><p>The headline-grabbing, sophisticated attacks of the past couple of years have showcased companies’ vulnerability to threats, and these attacks are only becoming more common. </p><p>According to a report, <a href="https://eur03.safelinks.protection.outlook.com/?url=https%253A%252F%252Fwww.beaming.co.uk%252Fcyber-reports%252Fcyber-threat-report-q3-2019%252F&data=02%257C01%257Czacharyh%2540whiteoaks.co.uk%257C16e08ee5c9d14b7e483408d769c2e53b%257C7a109dbbbc1e4db2a56e6e23bef17d6f%257C0%257C0%257C637094158127903194&sdata=n3gEtGk4aJ1npB8vVnR4CfZnWon%252FRIPeuYmkozW3BoI%253D&reserved=0" target="_blank">businesses in the UK</a> faced an average of 157,528 attempted cyberattacks in the third quarter of this year- an increase of 243 per cent from the same period last year. Almost half a million unique IP addresses were used to launch online cyber attacks on UK businesses during that period, with IoT devices and file sharing devices among the most targeted applications, the report stated.</p><p><a href="https://eur03.safelinks.protection.outlook.com/?url=https%253A%252F%252Fwww.gartner.com%252Fsmarterwithgartner%252Fhow-to-address-threats-in-todays-security-landscape%252F&data=02%257C01%257Czacharyh%2540whiteoaks.co.uk%257C16e08ee5c9d14b7e483408d769c2e53b%257C7a109dbbbc1e4db2a56e6e23bef17d6f%257C0%257C0%257C637094158127903194&sdata=K91mF4was9tjkuM3IotY4ll1GVtZiBIP2PF84AFZSP4%253D&reserved=0" target="_blank">Gartner predicted</a> that the majority of exploited vulnerabilities in organisations through 2020 will be the ones that security and IT professionals have known about for at least a year. Despite the constant threat of cyberattacks, ManageEngine’s <a href="https://eur03.safelinks.protection.outlook.com/?url=https%253A%252F%252Fwww.manageengine.com%252Fnews%252Ftwelve-percent-uk-enterprises-detect-anomalous-activity-it-networks.html&data=02%257C01%257Czacharyh%2540whiteoaks.co.uk%257C16e08ee5c9d14b7e483408d769c2e53b%257C7a109dbbbc1e4db2a56e6e23bef17d6f%257C0%257C0%257C637094158127903194&sdata=aOrgUZZ1%252BHRg97Wfpkg8BxIcJDtQqJumzy8LfbUghys%253D&reserved=0" target="_blank">State of IT in the UK 2019</a> survey has found that a majority (31 percent) of SMB respondents consider high costs as the main barrier to securing additional resources for better IT security. </p><p>However, SMBs can protect themselves from the mounting risks and consequences of a security breach by applying some basic security controls. The following steps can be effective in securing the organisation from attacks. </p><p><span style="font-size: 18px"><strong><strong>Maintain a hardware and software inventory to help thwart threats from shadow IT</strong></strong></span></p><p>Unknown software risks, prohibited software, and unsecured network devices can enable an attacker to sneak in. Security threats are also posed by shadow IT, which includes the systems, software, or applications regularly used by employees without the knowledge of management or the IT teams. Having visibility into network software and remote network devices will provide a layer of protection to the network. Additionally, creating customised configurations for network hardware and software can help mitigate attacks.</p><p><span style="font-size: 18px"><strong><strong>Regular assessment and remediation of vulnerabilities </strong></strong></span></p><p>WannaCry, Petya, Bad Rabbit, Meltdown, and Spectre all had a vaccine: patching. Vulnerabilities are everywhere, and SMBs need to ensure that all devices are patched and secured. Meanwhile, the increasing number of remote code executions exploiting zero-day vulnerabilities make securing applications an important priority. Companies should also secure network ports by monitoring and controlling all the traffic moving through them. </p><p><span style="font-size: 18px"><strong><strong>Ensure access control and administrative privileges are accurate and in constant use </strong></strong></span></p><p>Companies need to regularly monitor account activity and control password policies to stay on top of potential security gaps. Too often, expired user accounts are not removed from directories, leaving a gap in a company’s security, or passwords are not set to expire, increasing that account’s vulnerability over time. </p><p><span style="font-size: 18px"><strong><strong>Protect browsers and data</strong></strong></span></p><p>Hackers are increasingly turning to cryptojacking, the practice of using malware to get other people’s computers to mine for cryptocurrencies. As a result, the risk of company browsers becoming infected with cryptomining tools is higher than ever. However, this is just one of many browser-based attacks that companies need to protect against. There is also a huge amount of information that flows into companies each day, some of which are retained as stale data without a retention policy. If that private information is not properly protected, companies can end up paying huge sums in fines as per data protection laws.</p><p>EU’s General Data Protection Regulation (GDPR), which came into effect last year, has changed comprehensive data security from just being a good business practice to a mandatory investment. SMBs can no longer afford to under-invest in cybersecurity and hope their business won’t be affected. The real questions are whether your organisation is protected from the threats that are currently known to the market, and if it is equipped to quickly detect network breaches, as the ramifications of a security breach extend all the way to the bottom line.</p><p></p><p>[/SPOILER]</p></blockquote><p></p>
[QUOTE="omidomi, post: 846490, member: 20716"] [SIZE=5][B]Cybersecurity threats from malware continue to be a significant risk for organisations large and small.[/B][/SIZE] The headline-grabbing, sophisticated attacks of the past couple of years have showcased companies’ vulnerability to threats, and these attacks are only becoming more common. According to a report, [URL='https://eur03.safelinks.protection.outlook.com/?url=https%253A%252F%252Fwww.beaming.co.uk%252Fcyber-reports%252Fcyber-threat-report-q3-2019%252F&data=02%257C01%257Czacharyh%2540whiteoaks.co.uk%257C16e08ee5c9d14b7e483408d769c2e53b%257C7a109dbbbc1e4db2a56e6e23bef17d6f%257C0%257C0%257C637094158127903194&sdata=n3gEtGk4aJ1npB8vVnR4CfZnWon%252FRIPeuYmkozW3BoI%253D&reserved=0']businesses in the UK[/URL] faced an average of 157,528 attempted cyberattacks in the third quarter of this year- an increase of 243 per cent from the same period last year. Almost half a million unique IP addresses were used to launch online cyber attacks on UK businesses during that period, with IoT devices and file sharing devices among the most targeted applications, the report stated. [URL='https://eur03.safelinks.protection.outlook.com/?url=https%253A%252F%252Fwww.gartner.com%252Fsmarterwithgartner%252Fhow-to-address-threats-in-todays-security-landscape%252F&data=02%257C01%257Czacharyh%2540whiteoaks.co.uk%257C16e08ee5c9d14b7e483408d769c2e53b%257C7a109dbbbc1e4db2a56e6e23bef17d6f%257C0%257C0%257C637094158127903194&sdata=K91mF4was9tjkuM3IotY4ll1GVtZiBIP2PF84AFZSP4%253D&reserved=0']Gartner predicted[/URL] that the majority of exploited vulnerabilities in organisations through 2020 will be the ones that security and IT professionals have known about for at least a year. Despite the constant threat of cyberattacks, ManageEngine’s [URL='https://eur03.safelinks.protection.outlook.com/?url=https%253A%252F%252Fwww.manageengine.com%252Fnews%252Ftwelve-percent-uk-enterprises-detect-anomalous-activity-it-networks.html&data=02%257C01%257Czacharyh%2540whiteoaks.co.uk%257C16e08ee5c9d14b7e483408d769c2e53b%257C7a109dbbbc1e4db2a56e6e23bef17d6f%257C0%257C0%257C637094158127903194&sdata=aOrgUZZ1%252BHRg97Wfpkg8BxIcJDtQqJumzy8LfbUghys%253D&reserved=0']State of IT in the UK 2019[/URL] survey has found that a majority (31 percent) of SMB respondents consider high costs as the main barrier to securing additional resources for better IT security. However, SMBs can protect themselves from the mounting risks and consequences of a security breach by applying some basic security controls. The following steps can be effective in securing the organisation from attacks. [SIZE=5][B][B]Maintain a hardware and software inventory to help thwart threats from shadow IT[/B][/B][/SIZE] Unknown software risks, prohibited software, and unsecured network devices can enable an attacker to sneak in. Security threats are also posed by shadow IT, which includes the systems, software, or applications regularly used by employees without the knowledge of management or the IT teams. Having visibility into network software and remote network devices will provide a layer of protection to the network. Additionally, creating customised configurations for network hardware and software can help mitigate attacks. [SPOILER="Full Story"] [SIZE=5][B]Cybersecurity threats from malware continue to be a significant risk for organisations large and small.[/B][/SIZE] The headline-grabbing, sophisticated attacks of the past couple of years have showcased companies’ vulnerability to threats, and these attacks are only becoming more common. According to a report, [URL='https://eur03.safelinks.protection.outlook.com/?url=https%253A%252F%252Fwww.beaming.co.uk%252Fcyber-reports%252Fcyber-threat-report-q3-2019%252F&data=02%257C01%257Czacharyh%2540whiteoaks.co.uk%257C16e08ee5c9d14b7e483408d769c2e53b%257C7a109dbbbc1e4db2a56e6e23bef17d6f%257C0%257C0%257C637094158127903194&sdata=n3gEtGk4aJ1npB8vVnR4CfZnWon%252FRIPeuYmkozW3BoI%253D&reserved=0']businesses in the UK[/URL] faced an average of 157,528 attempted cyberattacks in the third quarter of this year- an increase of 243 per cent from the same period last year. Almost half a million unique IP addresses were used to launch online cyber attacks on UK businesses during that period, with IoT devices and file sharing devices among the most targeted applications, the report stated. [URL='https://eur03.safelinks.protection.outlook.com/?url=https%253A%252F%252Fwww.gartner.com%252Fsmarterwithgartner%252Fhow-to-address-threats-in-todays-security-landscape%252F&data=02%257C01%257Czacharyh%2540whiteoaks.co.uk%257C16e08ee5c9d14b7e483408d769c2e53b%257C7a109dbbbc1e4db2a56e6e23bef17d6f%257C0%257C0%257C637094158127903194&sdata=K91mF4was9tjkuM3IotY4ll1GVtZiBIP2PF84AFZSP4%253D&reserved=0']Gartner predicted[/URL] that the majority of exploited vulnerabilities in organisations through 2020 will be the ones that security and IT professionals have known about for at least a year. Despite the constant threat of cyberattacks, ManageEngine’s [URL='https://eur03.safelinks.protection.outlook.com/?url=https%253A%252F%252Fwww.manageengine.com%252Fnews%252Ftwelve-percent-uk-enterprises-detect-anomalous-activity-it-networks.html&data=02%257C01%257Czacharyh%2540whiteoaks.co.uk%257C16e08ee5c9d14b7e483408d769c2e53b%257C7a109dbbbc1e4db2a56e6e23bef17d6f%257C0%257C0%257C637094158127903194&sdata=aOrgUZZ1%252BHRg97Wfpkg8BxIcJDtQqJumzy8LfbUghys%253D&reserved=0']State of IT in the UK 2019[/URL] survey has found that a majority (31 percent) of SMB respondents consider high costs as the main barrier to securing additional resources for better IT security. However, SMBs can protect themselves from the mounting risks and consequences of a security breach by applying some basic security controls. The following steps can be effective in securing the organisation from attacks. [SIZE=5][B][B]Maintain a hardware and software inventory to help thwart threats from shadow IT[/B][/B][/SIZE] Unknown software risks, prohibited software, and unsecured network devices can enable an attacker to sneak in. Security threats are also posed by shadow IT, which includes the systems, software, or applications regularly used by employees without the knowledge of management or the IT teams. Having visibility into network software and remote network devices will provide a layer of protection to the network. Additionally, creating customised configurations for network hardware and software can help mitigate attacks. [SIZE=5][B][B]Regular assessment and remediation of vulnerabilities [/B][/B][/SIZE] WannaCry, Petya, Bad Rabbit, Meltdown, and Spectre all had a vaccine: patching. Vulnerabilities are everywhere, and SMBs need to ensure that all devices are patched and secured. Meanwhile, the increasing number of remote code executions exploiting zero-day vulnerabilities make securing applications an important priority. Companies should also secure network ports by monitoring and controlling all the traffic moving through them. [SIZE=5][B][B]Ensure access control and administrative privileges are accurate and in constant use [/B][/B][/SIZE] Companies need to regularly monitor account activity and control password policies to stay on top of potential security gaps. Too often, expired user accounts are not removed from directories, leaving a gap in a company’s security, or passwords are not set to expire, increasing that account’s vulnerability over time. [SIZE=5][B][B]Protect browsers and data[/B][/B][/SIZE] Hackers are increasingly turning to cryptojacking, the practice of using malware to get other people’s computers to mine for cryptocurrencies. As a result, the risk of company browsers becoming infected with cryptomining tools is higher than ever. However, this is just one of many browser-based attacks that companies need to protect against. There is also a huge amount of information that flows into companies each day, some of which are retained as stale data without a retention policy. If that private information is not properly protected, companies can end up paying huge sums in fines as per data protection laws. EU’s General Data Protection Regulation (GDPR), which came into effect last year, has changed comprehensive data security from just being a good business practice to a mandatory investment. SMBs can no longer afford to under-invest in cybersecurity and hope their business won’t be affected. The real questions are whether your organisation is protected from the threats that are currently known to the market, and if it is equipped to quickly detect network breaches, as the ramifications of a security breach extend all the way to the bottom line. [/SPOILER] [/QUOTE]
Insert quotes…
Verification
Post reply
Top
