
Get the scoop on the cyberattacks you face and how to fight them
Today's cyberattacks are very quiet, difficult to detect and highly targeted. What are they targeting? Often, it's your employee's desktop or notebook computer and the data stored there. Here are the 10 most common cyberthreats you'll face today and some tips on how to avoid them.
1. Worms and viruses
Viruses and worms are some of the oldest and most well-known cyberthreats. Viruses tend to spread through e-mail, typically hidden within attached documents, spreadsheets and other files. Worms, which are executable programs, typically spread themselves directly over networks. Once a worm or virus has infected a computer, it can wreak havoc and replicate itself to other systems.
To protect against worms and viruses, run antivirus software both at your network gateway and at the personal computer, or "client," level. Also, consider using secure switches inside your local-area network (LAN).
2. Spyware
Spyware is software that installs itself on a computer without your knowledge and degrades computer performance. Some spyware may simply attempt to change your browser's home page or barrage you with pop-up ads. But increasingly, most spyware is malicious in intent, monitoring your keystrokes or examining files for passwords, financial account numbers and other sensitive data, and then sending that information back to the spyware's creator, who may use it for identity theft.
Spyware can enter your computers from executable attachments in e-mail, hostile applets on Web sites, installation CDs or downloaded files that have spyware hidden in them and through security holes in other applications. The best solution is to block its access to your computers with URL and content filtering at the network gateway and, if possible, at the client level, too. It's also important to regularly run antispyware software on each user machine.
3. Keystroke logging
Keystroke logging, or keylogging, refers to programs that can record a user's keyboard input to get usernames, passwords, e-mail, instant messages (IM) and other information. Keylogger programs typically capture this information to a file, then surreptitiously forward these files for identity theft or other misuses. Along with vigilance, URL monitoring and content filtering are key defenses.
4. IM vulnerabilities
Like e-mail, IM is a common way viruses and spyware spread, typically through attachments. Once opened, an IM virus will resend itself to everyone on the user's contact list. Network and client antivirus and antispyware tools will thwart most of these threats. You should also keep computer operating systems and IM applications updated.
5. Phishing
Phishing attempts to fool end users into believing that bogus e-mail, phone calls or Web sites — often related to online banking and payment services — are legitimate. The intent of phishing is to get users to provide private information or download hostile applets to infect their computer.
One solution is Web filtering, which blocks requests to sites identified as phishing sites. Also, look for gateway-level security that examines incoming e-mail and Web code.
6. Blended attacks
Using combinations of viruses, worms, spyware and other malicious code, blended threats can rapidly initiate, transmit, spread and cause widespread damage. A blended attack might start with a phishing attack through e-mail, IM or a voice-phishing call. In each of these cases, the goal is to trick a user into visiting a Web site that drops malicious code onto the computer. With the code in place, hackers can then begin to gather sensitive information.
To block blended attacks, you should strengthen your network's firewall protection and invest in hardware or software that offers intrusion prevention and "behavior blocking" protections. These tools will look for and alert you to unusual software activity. Many of them will automatically suspend the activity, quarantine viruses and restore the affected files.
7. End runs
While many attacks come in through the Internet, some will go around your network protections and straight onto a desktop or notebook through an end-run device such as a CD, USB Flash drive or handheld. The solution again is to have protection installed at the client level that will inspect all end-run devices upon connection to your computer.
8. Rogue access points (APs)
Any wireless access points in your office that weren't installed and aren't maintained by your IT staff can pose a significant threat to your business. Rogue APs not only allow anyone with a wireless notebook inside your office to access your network; typically, someone outside but still close to your office might also gain access. One of the newer features of today's multilayered security appliances and software packages is the ability to detect and block access to rogue APs.
9. Web and browser exploits
Web exploits attempt to breach security through Web servers. Successful attackers may gain complete control of your Web server, allowing them to read, change or delete data. Browser exploits, similarly, seek to take advantage of security vulnerabilities such as unpatched or improperly configured browsers. In these cases, malicious JavaScript, ActiveX or Java applets can crash a server or download malicious code and give intruders full access to your server. Successful attacks can steal user logins and other sensitive data and compromise user computers.
Solutions include URL and content filtering at the gateway, switch and client levels; running vulnerability-scanning software against Web servers and client systems; applying security patches; and configuring Web servers and browsers securely.
10. Information theft
Company information such as usernames and passwords can be misused to gain access to databases, applications and systems. Lost, changed or compromised names or passwords can, in the wrong hands, put your company at risk from regulatory fines, loss of business and other costs.
Combat information theft with gateway-level firewalls, intrusion prevention, antivirus, antispyware, spam blocking and URL/content filtering, as well as the use of virtual private network (VPN) connections for mobile and other remote users, Network Access Control (NAC) and endpoint security to ensure that client devices are secured.
Educate your staff on e-mail security policies
Many of the security problems you'll face stem from improper handling of suspicious e-mail by your employees. Tell your employees what they should or shouldn't be doing to protect themselves and your business as a whole. Proper and consistent handling of suspicious e-mail can significantly reduce the risk of spreading viruses.
1. Develop and distribute a clear e-mail policy.
2. Update your policy as business needs change.
3. Implement technology that can detect confidential data or inappropriate content sent from your network.
4. Install and keep current antivirus software on all of your desktops and mobile devices.
5. Deploy content filters.
6. Watch for suspicious file types, including .exe, .com, .pif, .scr, .vbs, .chm and .bat.
7. Block files with more than one type of file extension.
8. Use spam-blocking software.
9. Quarantine suspected spam on a separate server.
10. Deploy security hardware and software that you can manage centrally.
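Items 6 and 7 of the checklist can be enforced mechanically at the mail gateway. The following is an added example, not part of the original article: `check_filename`, `scan_message` and the `EXT_LIKE` heuristic for what counts as an "extension" are assumptions made for illustration, and the sample message is constructed.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# File types named in item 6 of the checklist.
BLOCKED = {"exe", "com", "pif", "scr", "vbs", "chm", "bat"}
# Assumption: a dot-separated part "looks like" a type extension if it is
# 2-4 characters, starts with a letter and is otherwise alphanumeric.
EXT_LIKE = re.compile(r"[a-z][a-z0-9]{1,3}")

def check_filename(filename):
    """Return the policy reasons for rejecting an attachment name."""
    # Drop any path, then normalise the way Windows does when opening the
    # file: case-insensitive, trailing dots and spaces ignored.
    name = re.split(r"[\\/]", filename)[-1].strip().rstrip(" .").lower()
    parts = name.split(".")[1:]
    reasons = []
    if parts and parts[-1] in BLOCKED:
        reasons.append("blocked-type")            # item 6
    if sum(1 for p in parts if EXT_LIKE.fullmatch(p)) > 1:
        reasons.append("multiple-extensions")     # item 7 (also hits .tar.gz)
    return reasons

def scan_message(raw_bytes):
    """Map each offending attachment name in a raw message to its reasons."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    flagged = {}
    for part in msg.walk():                       # includes nested multiparts
        filename = part.get_filename()            # decodes RFC 2231 names
        if filename and check_filename(filename):
            flagged[filename] = check_filename(filename)
    return flagged

def build_sample():
    """Constructed test message with one clean and two suspicious files."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    for fn in ("notes.pdf", "Invoice.pdf.EXE", "update.scr"):
        msg.add_attachment(b"data", maintype="application",
                           subtype="octet-stream", filename=fn)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, why in scan_message(build_sample()).items():
        print(f"QUARANTINE {name}: {', '.join(why)}")
```

A strict reading of item 7 also rejects legitimate names such as `archive.tar.gz`; if that is too broad for your users, add an allowlist of known-benign pairs instead of loosening the rule.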