Cyberthreat.id
- Cases of document-based malware continue to increase, even more, 59 per cent of attacks in the first quarter of 2019 are contained in documents. The most
affected victims are companies, especially small and medium enterprises (SMEs)
because they do not have good protection.
In fact, being
a victim of file-based malware can cause big problems. Because attacks that
damage important data on an organization's computer will force companies to
stop operating, resulting in financial losses. In addition, there will be legal
problems due to the spread of personal data and financial data of its
customers.
Certainly, SMEs
still invest very little in cybersecurity. Fortunately, a new malware removal
solution has emerged to deal with file-based attacks. Providers of odix
security solutions even received a 2 million euro grant from the European
Commission recently to increase its pace of bringing technology to SMEs.
Here are some
ways how SMEs can reduce file-based attacks as written by The Hacker News.
1 - Disarming Malware
File-based
attacks involve malware that is hidden in documents that appear to be
legitimate. The malware activates immediately when the user opens the file.
Depending on the payload, malware can destroy or steal data. Many organizations
continue to rely on antivirus to deal with this attack.
However,
hackers now use more sophisticated polymorphic malware that automatically
changes to avoid signature-based detection used by antivirus. Companies can
also use air-mapped sandbox computers to scan and test documents, but this
often requires special hardware and personnel to manage.
Disarming The malware appears as the preferred way to prevent file-based attacks. Unlike
conventional antivirus and sandboxes, such solutions can carry out advanced
scanning that can detect sophisticated malware.
Not just
scanning files, the documents are cleaned, the dangerous code is eliminated.
odix, for example, uses TrueCDR (content disarm and reconstruction) technology
to ensure that files can be used perfectly after cleaning.
2- Email with a Strong Spam Filter
This year,
there is an average of 293 billion business and consumer emails per day. This
number is predicted to rise to 347 billion by the end of 2023. So clearly spam
continues to be an effective method of cyberattacks. People clicked on the
link in 14.2 per cent of spam emails in 2018.
Office email is
very open. Employees tend to click on spam email links and download and run
potentially dangerous attachments.
Some small
businesses might rely on free email accounts that come with their website
hosting packages. Unfortunately, such accounts are often insecure and do not
have the security and filtering features needed to filter out a malicious e-mail.
To thwart this the threat, companies can integrate more stringent spam filters that can protect
all corporate inboxes by blocking spam emails.
A tougher step
is to adopt solutions like odix Mail. This acts as a mail proxy for the company
mail server. All attachments contained in the incoming email were intercepted.
Then it is scanned and sanitized using an odix core machine. After these files
are cleared, they are reconnected to the message and finally sent to the
intended recipient's inbox.
3 - Alert Flash Drive
Flash drives,
external webcams and other USB peripherals can be armed to infect devices or
networks. However, employees tend to connect media and devices without much
attention, thinking that antiviruses can easily check for malware through
real-time security.
Unfortunately,
hackers can cleverly disguise malware on this removable media to avoid standard
scanning. Armed USB is also used to penetrate even air-conditioning systems.
SMEs can fight
USB-based threats that ensure that no unauthorized personnel can connect USB
peripherals to their computer systems. Network and operating system policies
can be defined to hold privileges that allow the insertion of removable media
on the workstation.
As an
alternative, companies can use tools such as the Odix Kiosk product which is a
special file sanitation workstation where users can insert removable media.
The kiosk acts
as a gatekeeper for all files contained in USB and disk drives. These documents
are checked and cleaned of potential threats, ensuring that no dangerous files
from the media have ever been sent over the network. The sanitized file can
then be sent to the user's email.
4 - Training to Avoid Phishing
Preventing file
based attacks also require users to change their mindset and behaviour. Including
ensuring that they do not fall into social engineering attacks such as
phishing.
Phishing is a
fraudulent practice of sending deceptive emails to extract personal and
financial information from unsuspecting victims. The many uses of email also
make it one of the preferred cybercriminal methods.
Phishing emails
are carefully crafted to mimic real correspondence from reliable sources such
as government offices, HR, or financial institutions.
SMEs must
provide appropriate training for employees to recognize suspicious emails and
links. Staff must also be trained to always check any files downloaded online
or from e-mail for security and legitimacy.
Having a
solution such as odix in place helps minimize the potential for company
exposure because tasks such as checking attachments and working documents are
automatically performed. However, paying employees with the right knowledge
about how to use technology resources safely and adequately.
this article
was originally published on ------- Read More –