If you don’t speak/read Dutch, here’s a malware story that you might have missed: ConsuWijzer, which is a consumer advice website run by the government in the Netherlands, advised last week that a large-scale malware campaign was spreading throughout the country. The problem was discovered and reported by Fox-IT, a Dutch security company, which alerted the ACM (Authority for Consumers & Markets), a regulatory body that acts somewhat like the U.S. Federal Trade Commission.
According to the government site, on Monday, March 17, many popular websites were compromised and many consumers’ computers were infected. The site recommended that anyone who had visited the affected sites using Windows computers should perform an immediate virus/malware scan. The affected sites were diverse, including news sites, dating sites and sites selling travel, insurance and clothing.
The malicious software was reported by other sources to be of the “banking Trojan” type that attempts to collect passwords to be used to conduct fraudulent financial transactions. It was apparently inserted into the legitimate websites via the AppNexus advertising platform. To their credit, the Dutch government and companies moved quickly to protect consumers from further harm when the malware was reported. They said the malicious advertising code had been removed from the sites and the attackers’ servers had been taken offline.
Incidents such as this are becoming more and more common and can happen anywhere in the world, at any time. Although in this case the problem was addressed quickly, it’s unknown how many systems were infected before it was detected and resolved. And of course, such attacks aren’t limited to just consumers’ computers. Thus it’s vital for businesses to protect their users from malware by being proactive. A virus scan after the fact isn’t good enough.
The first step in preventing malicious code from exploiting vulnerabilities in the operating system, applications and services is, of course, an intelligent patch management strategy. Having a well-documented process for security updating isn’t just a smart option if your company belongs to a regulated industry – it’s mandatory. Attempting to keep up with the never-ending influx of new security updates from different vendors and apply them manually is an impossible mission. Automating the process through a solution that scans your systems for missing patches and applies them for you makes a lot more sense, and that’s where GFI LanGuard can come to the rescue.
Although this particular Trojan targeted Windows, more and more attackers today are branching out and going after Mac OS X and Linux computers as well. LanGuard manages patching across all three popular desktop operating systems, covering third-party applications as well as the OS, and includes comprehensive reporting functionality to provide proof of compliance.
Another component of malware prevention is to put up barriers at malware’s common points of entry. Much of today’s malicious software, including the Trojan wreaking so much havoc in the Netherlands, gets into your network via the web. Monitoring the web usage of your users, blocking them – temporarily or permanently – from visiting sites with known problems, and scanning the sites you do allow for viruses can keep the “bad stuff” out of your corporate network. GFI WebMonitor can do all that, and more. It uses multiple security engines and anti-phishing feeds, and builds upon layers of anti-malware technology.
The trend today is “to the cloud,” and you can make patch management, antivirus, web protection and monitoring easier by using GFI Cloud to do it all from one integrated console. And you can manage the security of your network from anywhere in the world as long as you have an Internet connection – without having to worry about licensing or updating the security software itself.
Given the increasing sophistication level of attackers, it pays to arm yourself with the best tools for thwarting their efforts. Nobody who uses the web for business or leisure – and that’s almost everyone in our information-centric work world – is safe from the types of attacks that were perpetrated against Dutch companies last week. If you don’t have a plan for deflecting such attacks, it’s time to start thinking about one.