22 March 2017 in Instructor
Malware or Malicious software is created to harm its target. Malware affects private individuals and corporate users. Malware can steal information, hijack website visits, spy on internet activity and damage data. Malware attacks that fraudulently redirect internet banking users are becoming more and more frequent.
There are different ways that Malware can spread, Trojans hide inside software that look safe, worms can spread between machines without relying on user interaction. Malware can be designed to evade defences and to execute tasks.
If you inadvertently install malware, it can carry out many activities without your knowledge, it can spy on the websites you visit, piece together passwords or destroy data.
Malware is usually delivered via email ‘phishing’ or fraudulent links. Malicious apps and USB memory sticks can also compromise smartphones and computers respectively.
Malware is increasingly being used by criminals to encrypt important business information until the organisation pays a ‘ransom’ Internet banking users might also be redirected to fake sites which record their login data to enable financial theft.
Malware can stay hidden for months until activated.
The risks to business include:
- Loss of Data;
- Financial loss;
- Damage to system hardware;
- Paralysis of business activity
- And damage to reputation
So how can you defend a business against Malware?:
- Put in place strong response, recovery and back-up processes;
- Run up-to-date anti-virus software on all machines, and consider systems that use file reputation / behaviour analysis within a safe sandbox system. Network behaviour anomaly detection (alert to attacker commands) is another systems security option;
- Keep your PCs, servers and associated hardware up to date, installing the latest security patches as they become available;
- Make sure that your staff avoid questionable websites, and know not to download free software / apps, run MS Office macros on email attachments, or use USB sticks, from unverified sources;
- Consider application whitelisting (blocking any software not already authorised);
- Use different passwords for different business logins.
Learn more about keeping your data safe with the ProTrainings Data Protection video online course at www.prodataprotection.co.uk or by calling ProTrainings on 01206 805359.