Malware

Malicious software, or malware, is a highly invasive security consideration for all businesses and organizations. Traditional anti-virus systems cannot be solely responsible for malware protection.

Malware is nothing new. It’s been the enemy of the internet for many years.

Despite a whole industry fighting to protect organizations from its sting, it’s not going away any time soon. Malware is a fairly broad term and refers to any software that’s been designed to intentionally cause damage to a computer, server, or network. Everything from trojans, to worms, to viruses, to ransomware, to crypto ransomware, to cryptominers comes under this category and cyber criminals are constantly developing their next piece of devastating malicious software.

Malware is used for multiple purposes. Ransomware tries to force people to pay to get locked files back; Remote Access Trojans (RATs) enable administrative control; keyloggers watch as you type and steal credentials; the lists and purposes go on. While the vast majority of malware is used by cyber criminals to make money, there have also been instances of state-sponsored hacking, where government-employed hackers are tasked with stealing intellectual property or sensitive company information.

Essentially, malware protection should be a concern for every single organization.

There are multiple ways someone can get infected with malware, from dodgy adverts on websites to rogue apps downloaded onto phones. In 99 percent of cases, however, malware uses email or web as the initial infection vector and can lie dormant on networks for weeks, months or even years if no one is paying close enough attention. Phishing emails are an incredibly popular way of infecting a machine. They rely on human fallibility and, over the years, have become increasingly professional and difficult to spot.

Anti-virus

Anti-virus was traditionally used to defend against malware infections but is no longer enough to protect organizations from the highly sophisticated techniques used by criminals today. While it’s still recommended that these types of solutions are used, they need to be part of a multi-layered advanced defense, combining traditional signature-based anti-virus (where the markers of known malware are used to identify it on a machine) and behavior-based anti-virus (where there are no known markers, but the behavior of a piece of software looks likely to be malware) with static and dynamic sandboxing. Static analysis of malware examines it without actually running it, while dynamic analysis executes malware in a controlled and monitored environment to observe its behavior. Both types of sandboxing help organizations identify malware and inform other security tools of the threat.

Of course, ideally the malware wouldn’t get to the machine in the first place and, to help with that, robust web and email security tools are needed. Web anti-malware can monitor the websites being visited by employees in real time and block access to anything suspicious, while a good email security tool will scan emails before they are delivered, analyzing the content, headers, links and so on to ensure they are safe. They’ll be quarantined if they aren’t and delivered if they are – all in the space of seconds.

For malware protection, what’s important is that all of these security tools talk to one another. It’s no use if email security finds a suspicious link, but web security lets that link be opened. They need to work together to really provide protection. On top of these tools, threat intelligence also plays a part by blocking IPs and domains that are malware distribution points, as well as preventing malware from reaching out to command and control (C2) infrastructure. It also provides information on known bad files to other security tools, meaning the decisions they make are based on the latest information.
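To make the point about tools sharing verdicts concrete, here is an added example (not Censornet code, and not from the original page) in which an email scanner publishes a suspicious link to a shared store that the web filter also consults. The class and function names, the link heuristic and the sample message are all assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

def host_of(url):
    """Lower-cased hostname of a URL, without a trailing dot."""
    return (urlsplit(url).hostname or "").rstrip(".").lower()

class SharedVerdicts:
    """Verdict store that every tool reads from and writes to (hypothetical)."""
    def __init__(self, feed_domains=()):
        self.bad = {d.lower() for d in feed_domains}   # seeded from threat intel
    def report(self, host):
        self.bad.add(host)
    def is_bad(self, host):
        # A listed domain also covers its subdomains.
        parts = host.split(".")
        return any(".".join(parts[i:]) in self.bad for i in range(len(parts)))

LINK = re.compile(r'<a\s+href="([^"]+)"[^>]*>([^<]*)</a>', re.I)

def scan_email(html, verdicts):
    """Return 'quarantine' or 'deliver'; publish suspicious link hosts."""
    suspicious = False
    for href, text in LINK.findall(html):
        target = host_of(href)
        if not target:
            continue                       # e.g. mailto: links carry no host
        shown = host_of(text.strip()) if "://" in text else ""
        # Known-bad destination, or link text naming a different site than the href.
        if verdicts.is_bad(target) or (shown and shown != target):
            verdicts.report(target)
            suspicious = True
    return "quarantine" if suspicious else "deliver"

def web_filter(url, verdicts):
    """Return 'block' or 'allow' for a browser request."""
    return "block" if verdicts.is_bad(host_of(url)) else "allow"

# Constructed sample message: the visible text names one site, the href another.
SAMPLE_EMAIL = ('<p>Your invoice: <a href="http://login.portal-example.test/pay">'
                'https://bank.example/invoice</a></p>')

def demo():
    siloed, shared = SharedVerdicts(), SharedVerdicts()
    url = "http://cdn.login.portal-example.test/pay"
    before = web_filter(url, siloed)          # web tool never heard of the link
    mail = scan_email(SAMPLE_EMAIL, shared)   # email tool flags and publishes it
    after = web_filter(url, shared)           # web tool now sees that verdict
    return before, mail, after
```

Calling `demo()` returns the web filter's decision without the shared store, the email verdict, and the web filter's decision once the email tool's finding has been published.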

 

Malware protection is an ongoing battle for businesses the world over, but you don’t need to live in fear of an infection. With the right tools in place, tools that communicate and work with one another, malware can be banished from the list of concerns.
