The NHS, TNT and many other organizations, large and small have been victims of virus attacks.
While we can never prevent a breach there are ways we can sleep more easily at night with Next-generation security protection.
Let’s first discuss the three main types of attacks and how they can affect your business.
In the past, small business would rarely be the victim of a hack. Hackers were mainly targeting larger companies. Hacking requires a human to attack your network and gain access as opposed to a virus which is a fully automated piece of software. Typically a hacker will log in, steal valuable data, or encrypt your files and charge a fee to unencrypt them.
Viruses have been given many names. Malware, ransomware, worms, trojans, adware, bots, spyware and rootkits. The reality is that they all have the same negative impact on your business. Traditionally these viruses would be a nuisance, they would slow down your server and computers and making working very difficult. More recently they have started having a much greater impact. Crypto viruses will gain access to your network, encrypt all your files and charge a fee to recover them. Realistically there is no way to decrypt them without paying the fee. We have seen this effect one man bands all the way up to multinationals, costing the economy over £1 billion.
The most common and current form of scam is for an attacker to send a spoof email to the accounts department of a business. This email will appear to come from a company director and will ask the recipient to send money to a supplier. The suppliers account details are the bank details of the scammer. We have seen companies lose tens of thousands this way. These scams are difficult to spot and they often do get around spam filters.
These are the types of attacks we see regularly and have affected our customers. So it’s important to start protecting yourself against them, they are real and are affecting businesses every day.
There are three things any IT person will tell you to do to protect your network.
- Antivirus – make sure AV is installed and up to date on all computers.
- Antispam – make sure you are using a decent antispam filter.
- Security updates – All devices should have the latest updates installed.
- Firewall – Have a permitter firewall with intrusion protection.
These are well known but in the real world, they only provide the most basic protection. In order to really protect your business, you need to go one step further.
Next generation anti-virus
Traditional antivirus works by monitoring the processes on your computer and if one of them looks suspicious it will be blocked. Next generation antivirus works by blocking everything and only allowing a process that it is 100% sure are legitimate. This is an oversimplification of what it is actually doing but it gives you an idea of how this can help. We recommend Panda Adaptive Defense 360, the only antivirus product in 2017 to detect 100% of all viruses and malware and block them. View this independent report here.
You may have heard of remote desktop. Lots of businesses use this to provide remote access for their employees. In our experience, about 95% of all Cryptovirus attacks come in through a brute force attack of the RDP protocol. We now only allow access to RDP via a VPN. If your unsure ask your tech guys to stop the publishing of RDP externally and allow internal access to the network only through VPN. It sounds unusual but since we have rolled this out to our customer base we have had no more Cryptovirus infections.
The only way to protect your business from a scam is to make sure your employees are aware of the scams that are out there, how to spot them and what to do if they see one. This training can be provided in less than an hour and can potentially save your business tens of thousands. Don’t underestimate the importance of security training in this day and age.
Last but not least, you need an automatic, monitored offsite backup of all your data, emails and databases. Even if you follow all the methods above there is still no way to completely prevent a breach. The only sure fire way you can guarantee that your business will bounce back is to have a working offsite backup. The backup needs to be offsite because in many cases viruses have destroyed onsite backup storage areas and media. It needs to be monitored to ensure that its working and data can be restored. It needs to be automatic so it runs every single day. Having this type of backup is the only way you can ensure your business survives a severe virus infection.It so important to us we make it mandatory for all customers.
These are all the areas that if you cover you give yourself the best protection you again against the growing threats that are out there.
We have years of experience securing small and large networks. Speak to our experts Dave or Steve.