GFI WebMonitor 11 – protecting you from the big, bad internet

Malware comes in all sorts of shapes and sizes. Different attacks have different vectors and surfaces. Whether an attacker just wants to cause damage, to steal credentials, to get valuable data, find a backdoor into your system, or ‘use you’ to make an even bigger score, they must first get you (or your machine) to do something bad, like run code.

It’s not just your users’ inboxes you have to protect but also their internet browsing. With today’s dynamic websites it’s a lot easier to hide the many nasties which can infect users’ machines with malware. From malicious scripts such as Javascript containing malicious code, embedded media files urging users to click, and infected files users download and run the internet can seem like the big bad wolf.

While dynamic websites are fun and make for a better browsing experience, they can contain your worst security nightmares which include:

Viruses

A machine infected by a virus, or many viruses, may never be considered trustworthy again. For many sysadmins, the only choice is to dust off and nuke it from high orbit; which is to say format and reimage. Hopefully you have a trustworthy backup of the critical data and a spare machine so the user isn’t down for hours.

Deleted files

Some malware goes for the punch below the belt, deleting critical data from workstations, removable drives and network shares. Without good backups, this can be devastating to victims, especially when it is something irreplaceable like family photos or key customer quotes.

Encrypted files

One of the latest threats to users is ransomware. Victims’ files are encrypted and they can get the key to decrypt the files as long as they are willing to pay up. No payment, no more data. It’s digital extortion.

Zombie plagues

Other malware can turn victims’ machines into zombies, ready to participate in attacks against other victims. Zombies can launch massive denial of service attacks, spew out spam or be used to help break into other systems through brute force or distributed cracking.

RATs

Remote Access Trojans leave back doors in computers, allowing an attacker to remotely access the server at a later time. RATs can be used by attackers to steal data or even to spy on victims through their own webcams and microphones.

So what can be done to keep the big bad wolf at bay?

Patch operating systems

Patch, patch, patch. One of the most important and critical things you can do is patch. Patch operating systems, patch applications, patch the network infrastructure and keep patching because that’s a task that will never end. Since it will never end, get a patch management application to help you with that. That will pay for itself in no time at all, considering it will patch third-party apps like media players!

Upgrade browsers

No users should use older browsers. The threat from Internet-borne attacks is so significant that if you have a legacy app that requires you to use an out-of-date browser and you cannot lose the app, you should virtualize browsers that can only be used for the legacy app and let your users run modern browsers to access the Internet.

Monitor your downloads

The most important and effective thing you can do to protect your users from hackers, crackers and attackers on the web is to monitor your users’ web activity and downloads. Use web monitoring and filtering software to protect your users from all manner of threats. Web monitoring can block users from accessing phishing, hacked and inappropriate sites. Web filtering can look at all the HTML and Javascript that makes up webpages, examine every embedded document and media file and screen all the file downloads to ensure that there’s no malware present in anything your users might access from the Internet. That way, no matter what vector might be used, or which type of malware an attacker wants to deliver to your users, they are protected.

It’s a big, bad, scary Internet out there and danger can be found at every turn. But you can make it safer for your users by keeping systems patched, by not giving your users admin creds and ensuring the all access to the web is monitored and filtered with a solution like GFI WebMonitor. 

The new GFI WebMonitor 11.0 brings a new web classification database to increase the performance and capability of GFI WebMonitor to track and manage network traffic more efficiently. Here at GFI Software we offer free 30 day trials on all our software (complete with in-trial support). So click here to test drive GFI WebMonitor 11 and say goodbye to malware headaches.