Malware comes in all sorts of shapes and sizes. Different attacks have different vectors and surfaces. Whether an attacker just wants to cause damage, to steal credentials, to get valuable data, find a backdoor into your system, or ‘use you’ to make an even bigger score, they must first get you (or your machine) to do something bad, like run code.
While dynamic websites are fun and make for a better browsing experience, they can contain your worst security nightmares which include:
A machine infected by a virus, or many viruses, may never be considered trustworthy again. For many sysadmins, the only choice is to dust off and nuke it from high orbit; which is to say format and reimage. Hopefully you have a trustworthy backup of the critical data and a spare machine so the user isn’t down for hours.
Some malware goes for the punch below the belt, deleting critical data from workstations, removable drives and network shares. Without good backups, this can be devastating to victims, especially when it is something irreplaceable like family photos or key customer quotes.
One of the latest threats to users is ransomware. Victims’ files are encrypted and they can get the key to decrypt the files as long as they are willing to pay up. No payment, no more data. It’s digital extortion.
Other malware can turn victims’ machines into zombies, ready to participate in attacks against other victims. Zombies can launch massive denial of service attacks, spew out spam or be used to help break into other systems through brute force or distributed cracking.
Remote Access Trojans leave back doors in computers, allowing an attacker to remotely access the server at a later time. RATs can be used by attackers to steal data or even to spy on victims through their own webcams and microphones.
So what can be done to keep the big bad wolf at bay?
Patch operating systems
Patch, patch, patch. One of the most important and critical things you can do is patch. Patch operating systems, patch applications, patch the network infrastructure and keep patching because that’s a task that will never end. Since it will never end, get a patch management application to help you with that. That will pay for itself in no time at all, considering it will patch third-party apps like media players!
No users should use older browsers. The threat from Internet-borne attacks is so significant that if you have a legacy app that requires you to use an out-of-date browser and you cannot lose the app, you should virtualize browsers that can only be used for the legacy app and let your users run modern browsers to access the Internet.
Monitor your downloads
It’s a big, bad, scary Internet out there and danger can be found at every turn. But you can make it safer for your users by keeping systems patched, by not giving your users admin creds and ensuring the all access to the web is monitored and filtered with a solution like GFI WebMonitor.
The new GFI WebMonitor 11.0 brings a new web classification database to increase the performance and capability of GFI WebMonitor to track and manage network traffic more efficiently. Here at GFI Software we offer free 30 day trials on all our software (complete with in-trial support). So click here to test drive GFI WebMonitor 11 and say goodbye to malware headaches.