For most businesses, preventing data loss from malware has always been a priority. But as today’s companies become even more data-centric, and the cyber threats more vicious, keeping malware at bay is more important than ever.
- But what happens when a virus does slip by?
- What if malware destroys one of your most critical applications?
- What if ransomware locks you out of all your data?
In this blog, we look at how malware has become one of the top causes of data loss, and what your organization should be doing to combat it.
Data loss from malware. Which cyberattacks threaten your data?
Not all malware poses a direct threat to your data, even if it’s destructive in other ways.
Take cryptojacking, for example, which secretly uses your computers to mine cryptocurrency for its attackers. Cryptojacking is exploding right now, and it’s delivered like most other malware: through infected sites, infected ads, phishing emails, unpatched software and so on. It bogs down your system resources and creates headaches for everyone. It’s bad. But is it bad for your data? Not necessarily.
That said, there are plenty of other forms of cyberattacks that do put your data at risk. Here are some of the big ones:
- Ransomware: This pesky malware encrypts your important data and throws away the key, unless you pay the attackers. Jump below for a full breakdown on the dangers of ransomware.
- Data exposure malware: Considered one of the worst kinds of cybersecurity breaches in 2018, “data exposure” involves taking sensitive, privately stored data and putting it in a publicly viewable location. Like ransomware, sometimes the attackers will demand payment in return for making the data private again.
- Denial of Service (DoS): We often hear of DoS attacks on websites—when attackers flood a page with so much traffic, it crashes the site. But DoS attacks can also target your databases, blocking you (or your customers) out of the critical data that keeps your business running. The biggest DoS attacks are usually caused by massive botnets that have been created via secretly installed malware on computers around the world.
- Data deletion and modification: Some malware, like Trojans or the W32.Narilam worm, for example, is designed simply to delete or modify sets of data from a database, for seemingly no other reason than to cause destruction or hurt the company’s reputation.
- Data theft: Aside from simply destroying or encrypting data, sophisticated hackers are using malware to steal your most sensitive information. The hackers can then make big money selling that data, especially if it’s users’ personal information, like emails, addresses, phone numbers, credit card numbers and passwords.
- Spyware: Spyware secretly monitors the activity of users (i.e. your employees or customers). Spyware was the #2 form of malware for businesses in 2017. And while it does not directly harm your data, it makes it vulnerable to theft or additional cyberattacks in the future.
- Hijackers: Hijackers typically redirect users’ browsers to unwanted ads or websites. And while this alone doesn’t harm data, it can hurt productivity and also lead to more dangerous forms of malware being installed through malicious sites.
Ransomware is still awful …
No form of malware has caused more headline-making destruction in the past two years than ransomware.
Ransomware has been around for years, but it got the most attention in 2017 after WannaCry and NotPetya disabled thousands of computers across the globe. While recent trends suggest that ransomware is declining, the attacks are getting more sophisticated. Most attacks occur when users inadvertently open infected emails, but WannaCry and NotPetya both exploited known vulnerabilities in Windows.
Protecting against data loss from malware
- Back up everything:First and foremost, you need to have a backup plan in case malware breaks through all your layers of defense. A good data backup & disaster recovery solution will ensure that you can restore any data that has been encrypted, corrupted or compromised by malware.
- Use business-grade antimalware & antivirus solutions: Smaller businesses may be tempted to use the same free antivirus software they use on their home computers, but this is a no-no. Invest in a premium solution that is designed to provide stronger, more customized protection for businesses.
- Update your anti-malware constantly: New strains of malware are constantly being discovered. Your antimalware software won’t be able to detect them unless it’s updated with the latest definitions. Make sure the software is set to update and scan automatically, every day.
- Set up a firewall and spam filters:Your network should be set up with a firewall to block malicious communications from entering the network. Firewalls can block traffic from known malicious IP addresses, as well as other potential threats. For even greater protection, consider upgrading from your built-in firewall capabilities to a firewall appliance. Strong spam filters should also be used to greatly reduce the quantity of bad emails entering your inboxes.
- Train your employees: Most malware infections occur because of user action: opening a bad attachment, clicking a bad link, installing unauthorized software and so on. You can dramatically reduce this risk by regularly training employees on safe practices for email and web. Also, educate them on how to spot the signs of a malicious email and how to deal with messages from unknown senders.
- Require stronger passwords:Weak passwords make it easy for intruders to infiltrate your systems and compromise your data. When possible, configure all authentication-based software to require strong, multi-symbol passwords, which must be updated frequently.
- Patch everything: The victims of WannaCry and NotPetya could have prevented the infections if they’d only patched their operating systems. The same goes for a wide range of malware every day. Malware often takes advantage of vulnerabilities on outdated software, systems and firmware, so it’s important to patch as soon as updates become available.
- Use privileged accounts and access controls:When a user on your network has free access to every folder on the server, so does the ransomware infection that enters through that user’s computer. Set stronger controls by limiting users to only the folders and files they need. The approach of “least privilege” will prevent many forms of malware from spreading across your network.
- Disable macro scripts from office files:Malware is often hidden within Word documents and spreadsheets disguised as legitimate files. Disabling macros on such files, and using file preview functions, can help to prevent the malware from installing if the user attempts to open the file.
- Use application whitelisting: Prevent any unauthorized software from being installed or opened. Only whitelisted software should be able to run (thus preventing certain malware from executing).
Need any help?
For more information on how to protect your data from malware and other disasters, contact our security experts at Ctelecoms.