What is Malware?
Malware is software that is designed to do you harm. The following are all forms of malware:
- Viruses
- Cryptominers
- Ransomware
- Trojans
- Keyloggers
- VPN hijacks
- Sextortion Password Blackmail
You may notice that traditional anti-virus providers are busy re-positioning their offerings as anti-malware.
First off, let’s get some definitions so we know what we’re looking at:
Viruses – were the original malware. A virus is something that does harm to your computer and may or may not harm your data. It can spread itself around other systems.
Cryptominer – uses your computer’s power to mine cryptocurrencies (such as Bitcoin) for someone else.
Ransomware – encrypts your data and demands a ransom for it – generally in Bitcoin. Anecdotally, there’s a 50/50 chance that if you pay up, you’ll get access back.
Trojan – enables backdoor access to your systems, with a view to gaining access to sensitive data. This could be access to bank accounts, or your secret plans for a new product, or anything valuable.
Keylogger – is something that records your keyboard usage. It can potentially capture usernames, passwords, account numbers – everything you type.
VPN Hijack – A VPN is a Virtual Private Network, an encrypted channel which allows you to secure communications between your PC and another computer. A hijack of this will compromise your security by inserting another computer into your conversation, like a man in the middle to read your data as you type. That would be a bad thing – effectively this is like a keylogger or Trojan.
Sextortion Password Blackmail – this was 2018’s new thing. You get a mail referencing your email address and a password that was once valid somewhere, but suggesting the sender has highly embarrassing video footage of you. It’s not really malware, but it claims to be.
Those are the current threats. How do we deal with them?
1. Good anti-malware software, properly configured.
2. Backups. Working, tested, backups.
3. Secure passwords and multi-factor authentication.
4. Secure VPN (Virtual Private Network) software.
5. Mild suspicion and cynicism.
Let’s consider each of these five points.
Good Anti-malware Software
Decent business-grade anti-malware software won’t just tell you of potential threats. It will:
- Block malicious websites
- Control access to USB devices
- Whitelist/blacklist applications
- Provide central alerting
- Provide central reporting
- Provide central application control
Backups
There is nothing more useless than a backup which hasn’t been done, or a backup which hasn’t been tested, or a backup that isn’t of the right data.
- Schedule your backups – don’t run them manually.
- Make sure your backups run every night. Check they completed with no errors.
- Randomly restore a file every three months. Check it’s what you expected.
- Review what you back up every year or whenever things change.
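The random restore test above can be automated along these lines. This is an added example, not part of the original article: it assumes the backup is a tar archive, and the function names and sample files are constructed for illustration. Calling demo() runs the check against a clean file, a file edited after the backup, and a file deleted from the source.

```python
import hashlib
import random
import shutil
import tarfile
import tempfile
from pathlib import Path

def sha256_of(path):
    # Hash in chunks so large files do not need to fit in memory.
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def spot_check(archive, source_root, rng):
    """Restore one random file from the archive; compare it with the live copy."""
    with tarfile.open(archive) as tar, tempfile.TemporaryDirectory() as scratch:
        files = [m for m in tar.getmembers() if m.isfile()]
        if not files:
            return None, "empty-backup"  # nothing to restore is itself a failure
        member = rng.choice(files)
        # Restore to a fixed scratch name, never over the live data.
        restored = Path(scratch) / "restored.bin"
        with tar.extractfile(member) as src, open(restored, "wb") as dst:
            shutil.copyfileobj(src, dst)
        live = Path(source_root) / member.name
        if not live.is_file():
            return member.name, "missing-from-source"
        same = sha256_of(restored) == sha256_of(live)
        # "differs" needs a human: edited since the backup, or a bad backup.
        return member.name, "match" if same else "differs"

def demo():
    """Constructed data set: back it up, then spot-check three situations."""
    with tempfile.TemporaryDirectory() as work:
        src = Path(work) / "data"
        src.mkdir()
        (src / "invoice.txt").write_text("constructed sample invoice\n")
        (src / "plans.txt").write_text("constructed sample plan\n")
        archive = Path(work) / "nightly.tar.gz"
        with tarfile.open(archive, "w:gz") as tar:
            for f in sorted(src.iterdir()):
                tar.add(f, arcname=f.name)
        name, clean = spot_check(archive, src, random.Random(7))
        (src / name).write_text("edited after the backup ran\n")
        _, changed = spot_check(archive, src, random.Random(7))
        (src / name).unlink()
        _, missing = spot_check(archive, src, random.Random(7))
        return clean, changed, missing
```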
Secure Passwords and Multi-Factor Authentication
We’re none of us very good at remembering passwords. Don’t bother trying to remember them all. Remember a couple of key passwords and store everything else in a password manager – there are plenty of them out there, look for one that fits your needs. We use one called PasswordSafe, but your needs may be different.
Multi-factor Authentication (MFA) is a better way of proving who you are than just a password.
Essentially you combine something you know (your password) with something you have (typically a phone app with a code that changes every minute) to provide two identity proofs. Anyone might know your password, but they’d have to work hard to subvert the MFA app and its ever-changing code. Using MFA makes email, web banking, or access to control systems more secure.
Virtual Private Networks
A VPN connects your machine to somewhere else on the internet without outside intrusion. There are many reasons to use VPNs, for example:
- Connecting to work securely
- Improving the security of public Wi-Fi
- Bypassing streaming service licensing restrictions
The important thing to remember about a VPN is that the P stands for PRIVATE. Make sure you understand who has access and control in any VPN. If you use any VPN service, ask yourself two questions:
1. How is it financed? If it’s “free”, why is it free? Make sure your data is not being exploited.
2. Who controls the far end of the VPN? If you can’t answer that, don’t use the service.
Suspicion and Cynicism
The people who write malware are not normally out to get you specifically. They’re after anyone who clicks on a link, answers an email, or connects to ‘free’ public Wi-Fi.
Always take a second look at any offers, or unexpected windfalls from the internet and ask “is this too good to be true?”.
What to do next?
If you suspect that your systems are not adequately protected, please get in touch and we’ll help you implement the levels of security you require.