Are you really protected against cybercrime and dangerous malware?

Posted in Software and Security

We have all heard of individuals and companies falling victim to cybercrime, be it a virus infection leaking private data or files being held for ransom, with a large sum demanded to recover them, or all the data lost if you do not have secure backups. Currently, the biggest mistake individuals and companies are making is underestimating the reach of viruses, malware and infected executable files. Having an anti-virus is simply not the answer, and chances are that your system or personal computer might be infected without you even knowing it – an alarming percentage of computer users are at risk.

Let us look at some facts:

  • In 2007, 97% of computers were successfully guarded by signature-based anti-virus software against major cyber attacks. There was only a 3% malware gap.
  • Currently, only 40% of users can rely on anti-virus software to protect their computers. A shocking 60% of users are now exposed to malware, which is now purposefully designed to bypass anti-virus software for targeted attacks.



Before continuing, I should explain the concept of signature-based anti-virus software. This is an anti-virus that receives new updates on a daily basis, to scan and protect your computer against new forms of viruses and threats which have been identified. This means anti-virus software is reactive – only cleaning your computer AFTER you have been infected. While this still serves a purpose of healing, the damage is already done, and viruses need only a few seconds to target files and take the information they need. The world was shocked after the Senior VP of Symantec, a world-renowned anti-virus provider, claimed that anti-virus is dead. While not entirely true, this statement holds great value.

Why? 82 percent of all malware that anti-virus software detects stays active for only an hour… Of these attacks, about 70 percent of threats surface only once, since malware authors quickly amend their software to evade detection by traditional anti-virus solutions. Signature-based anti-virus is essentially hunting expired threats, rather than actively detecting threats and preventing infection.

Apart from the traditional anti-virus failing at keeping computers secure, virus and malware infection can also take place in the following ways:

  • Infected external memory sources such as USB flash disks
  • Peer-to-peer platforms sharing information. Among them is Dropbox, a handy file sharing tool but with insufficient security procedures.
  • Outdated plug-in or application software, most prominently Java updates and Adobe Flash. Since it is an executable file, it is very easy to corrupt.
  • Infected email attachments, mostly in a .zip format to hide the true nature of the infected file. Watch out for unexpected resumés being sent to your address, or unknown contacts sending a .zip for your urgent attention.

 

 

The age-old saying “Prevention is Better than Cure” is perfectly applicable to the situation all computer users find themselves in today. One can cure a cold, but by then you have already been infected and will suffer the consequences, instead of taking immune-boosting supplements beforehand to increase your chances of not getting the cold in the first place. Similarly, there are methods we can use to actively protect ourselves better against cybercrime and malicious attacks.

Many IT experts will quickly tell you that you must have anti-malware software to work with your anti-virus software, but how many of these programs can “communicate” with each other to build up a memory of viruses and malware blocked in the past? Very few. Until about two years ago, I had different anti-malware and anti-virus suites, not even from the same manufacturer. Both claimed to be the best in their respective areas – which I will not contest.

I was introduced to cloud-based security software in 2013, which filters all online content through the cloud. The benefit is that signature updates happen in near real-time instead of the daily updates to your traditional software. This is an excellent system, since it actively filters your activity and can identify new threats much more effectively. But still, it was only an anti-virus with some anti-malware functionality, not a fully integrated solution.

But then I learned about a term called “correlated security” a few weeks ago. This has been an eye-opener and the real reason behind my writing of this article to create awareness of a better security solution.

What is Correlated Security?
  • It is cloud-based
  • It provides an analysis of all 3 online threat categories: Web (infection through websites), Email (attachments and bad hyperlinks) and Endpoint (anti-virus software).
  • It gives consolidated threat information – in layman’s terms, the 3 categories talk to each other to inform of threats detected.
  • It co-ordinates the threat response – once identified, the threat is blocked from all points of entry.
  • It performs real-time threat analysis, which also means that the cloud-based anti-virus signatures are developed in near real time.
  • It provides protection even for roaming and remote users – no more virus or malware infections carried into the office.
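
The correlation idea in the list above, as an added example that is not taken from any vendor's product: an indicator reported by the email channel is either kept in a per-channel silo or shared with the web and endpoint channels. The `ThreatStore` class, the channel names and the sample data are assumptions constructed for this illustration.

```python
"""Added example: correlated vs. isolated threat indicators (constructed data)."""
import hashlib


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


class ThreatStore:
    """Hypothetical indicator store consulted by the web, email and endpoint channels."""

    def __init__(self, correlated: bool):
        self.correlated = correlated
        self._known = {}  # key -> channel that first reported the indicator

    def _key(self, channel, indicator):
        # Correlated: one shared namespace. Isolated: one silo per channel.
        return indicator if self.correlated else (channel, indicator)

    def report(self, channel, indicator):
        self._known.setdefault(self._key(channel, indicator), channel)

    def source_of(self, channel, indicator):
        """Return the channel whose detection lets `channel` block this, or None."""
        return self._known.get(self._key(channel, indicator))


# Constructed sample data: not real malware, not a real domain.
ATTACHMENT = b"constructed-sample-payload-inside-resume.zip"
BAD_HOST = "downloads.example.test"


def replay(correlated: bool):
    store = ThreatStore(correlated)
    # 1. The email channel flags the attachment and the link in the message body.
    store.report("email", sha256(ATTACHMENT))
    store.report("email", BAD_HOST)
    # 2. Later sightings on the other channels, e.g. on a roaming laptop.
    sightings = [
        ("endpoint", sha256(ATTACHMENT)),         # same file arrives on a USB stick
        ("web", BAD_HOST),                        # browser requests the same host
        ("endpoint", sha256(ATTACHMENT + b"!")),  # amended file: different hash
    ]
    return [(ch, store.source_of(ch, ind)) for ch, ind in sightings]


if __name__ == "__main__":
    for mode in (False, True):
        print("correlated" if mode else "isolated", replay(mode))
```

With sharing enabled, the endpoint and web channels block on the email channel's detection; the amended file is still missed in both modes, which is why exact-match indicators alone do not close the gap described earlier.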

Before you jump up and say that a UTM (Unified Threat Management) system already has all these things in place, consider that it can only control the security within its set network and can be bypassed by the end-user outside the network. It cannot cover you everywhere, especially when notebooks / laptops are used for private purposes, P2P downloads and even gaming outside of the office after work. These things do happen!

Right now, the leading (and the only true) provider of such a dynamic cloud-based security suite is a company called iSheriff. Many other providers claim to have correlated security, but their offerings do not fully cover web, email and endpoint security outside of the office network in a similar manner. The IT manager or employer has control over selecting a set of rules for any computer running the security suite, whether in the office or not.

This correlated security solution also comes at a fraction of the price of installing a UTM system, as it is charged per user. It is definitely something every business wanting the best security solution should consider.
