Thursday November 20, 2008

Securing Your Business from CyberAttacks

Today, no company—large or small—is immune from attack by cyber-criminals. Every company that maintains data and accesses the internet is at risk. With the ability to access the company network and email from just about anywhere, it is easier for people to work away from the office. Likewise, it is easy to take care of activities that would normally be considered home activities from work.

Add in the increasing dependence on email, the use of pod devices (USB sticks, MP3 players), mobile devices working on unsecured Wi-Fi networks, and social networking sites accessed through a company network, and it becomes essential that companies address the security threat in order to prevent the loss of critical business information.

The Threats Businesses Face

The tactics used to attack a company’s information are most commonly classified as e-threats—malicious software designed to attack through stealth, operating undetected to gather information. While constantly changing, the trend among cyber-criminals is to use different e-threats with ever-improving stealth capabilities.

It is important to note that cyber-criminals today have access to all of the tools that businesses use to defend themselves. They use the same programs to test their attack methodologies and to monitor the success of their attack. For example, an attack may start with a trojan that is not recognized by the defenses a company has deployed. Once in, it continues to operate until the company’s defenses catch up, recognize the threat and take action. However, since the criminals are testing their attack with the same software, they can modify their tactics slightly to stay one step ahead of detection.

The most common tricks of the trade for cyber-criminals include:

  • Spyware: installs without the user’s consent and intercepts information or takes partial control over the interaction between the user and the computer. It sends this information to another computer for illegal use.
  • Worms: self-replicate and send themselves to other computers, often without user intervention, causing network issues, primarily by consuming bandwidth.
  • Adware: automatically plays, displays or downloads advertising material to a computer. Adware and Spyware are closely related, privacy-invasive types of threats.
  • File infectors: attach themselves to program files, usually selected .COM or .EXE files and can infect any program for which execution is requested, including .SYS, .OVL, .PRG, and .MNU files. Some file infector viruses arrive as wholly-contained programs or scripts sent as an attachment to an e-mail note.
  • Spam: a common abuse of electronic messaging systems, spam is a gateway for the introduction of various malware.
  • Phishing: attempts to acquire sensitive information, such as user names, passwords and credit card details, by disguising itself as a trustworthy entity in an electronic communication.

With the proliferation of mobile devices with Web browsers and always-on Internet access, the mobile world is now open to these avenues for attack. Viruses based on browser exploits will increase over time, requiring diligent attention and strong security policies coupled with defensive precautions to minimize the risk. The use of removable storage devices, a convenience when moving files between computers, is a prime method for transporting e-threats from machine to machine, network to network.

Common Sense Ways to Protect Your Business

Fortunately, there are some common sense ways that people and businesses can protect themselves from e-threats. While nothing is fool proof, following these simple recommendations can improve security and reduce risks.

Ten steps to protect your business:

  1. Don’t assume anything. Take some time to learn about securing your system.
  2. Acquire and use a reliable antivirus program. Select an antivirus program that has a consistent track record. Checkmark, AV-Test.org and TuV are among the most respected independent testers of antivirus software.
  3. Acquire and use a reliable firewall solution. Again, independent reviewers are your best bet for reasonable choices. Some operating systems come with a firewall, which only filters incoming traffic. Use a firewall that can control both incoming and outgoing Internet traffic.
  4. Do not open e-mails from unknown or distrusted sources. Many viruses spread via e-mail messages, so ask for a confirmation from the sender if you are in any doubt.
  5. Do not open the attachments of messages with a suspicious or unexpected subject. If you want to open them, first save them to your hard disk and scan them with an updated antivirus program.
  6. Delete any chain e-mails or unwanted messages. Do not forward them or reply to their senders. These kinds of messages are considered spam because they are undesired and unsolicited, and they overload Internet traffic.
  7. Avoid installing services and applications that are not needed in day-to-day operations in a desktop role, such as file transfer and file sharing servers, etc. Such programs are potential hazards, and should not be installed if not absolutely necessary.
  8. Update your system and applications as often as possible. Some operating systems and applications can be set to update automatically. Make full use of this facility. Failure to patch your system often enough may leave it vulnerable to threats for which fixes already exist.
  9. Do not copy any file if you don't know or don't trust its source. Check the source (provenance) of files you download and make sure that an antivirus program has already verified the files at their source.
  10. Make backups of important personal files (correspondence, documents, pictures and such) on a regular basis. Store these copies on removable media such as CD or DVD. Keep your archive in a different location from your computer.

Security Solutions: How Businesses Can Defend Themselves

In order to select the best security solution, it is important to understand how they work. The primary method for detecting threats is by their “signature.” A virus analyst looks at the code, makes a determination of its intent, type, etc., and creates a signature for it. This is sent via an update to their subscribers during routine updates. Once the signature is received, the computer is protected from the threat.

This model is more reactive than proactive, as it only protects against known threats and cannot protect from zero-day threats. Additionally, the delay between identifying a threat and creating a signature is a window of opportunity that most cyber-criminals are all too happy to exploit and capable of exploiting.

Another methodology for the detection of attacks is the use of heuristics. With heuristics, the security software emulates a virtual computer-inside-a-computer, running pieces of software and checking for potentially malicious behavior. This provides proactive protection and increased detection of zero-day threats. However, heuristics can produce false positives, in which “safe” information is classified as an e-threat.

Today, most security solutions use a combination of signature detection and heuristics—relying more on one or the other, depending on vendor—to offer protection from new and existing threats.
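The combined model described above can be seen in a small sketch. This is an added example, not code from the article or from any vendor: the sample byte strings, behaviour names, weights, threshold and detection names are all constructed for illustration.

```python
import hashlib

# Constructed, inert byte strings standing in for program files.
KNOWN_SAMPLE = b"constructed-sample-A: program an analyst has already seen"
NEW_VARIANT = KNOWN_SAMPLE + b" (slightly modified build)"
BACKUP_TOOL = b"constructed-sample-B: legitimate off-site backup utility"
TEXT_EDITOR = b"constructed-sample-C: ordinary text editor"

# Signature database: hashes published in a routine update (hypothetical name).
SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest(): "Trojan.Constructed.A"}

# Behaviours an emulator might record, with assumed weights and threshold.
WEIGHTS = {
    "reads_many_user_files": 2,
    "sends_data_to_remote_host": 3,
    "installs_without_consent": 4,
    "copies_self_to_other_hosts": 4,
}
THRESHOLD = 5

# Constructed emulation traces for each sample.
TRACES = {
    KNOWN_SAMPLE: ["installs_without_consent", "sends_data_to_remote_host"],
    NEW_VARIANT: ["installs_without_consent", "sends_data_to_remote_host"],
    BACKUP_TOOL: ["reads_many_user_files", "sends_data_to_remote_host"],
    TEXT_EDITOR: ["reads_many_user_files"],
}

def signature_scan(data):
    """Reactive check: only matches files whose hash is already known."""
    return SIGNATURES.get(hashlib.sha256(data).hexdigest())

def heuristic_score(trace):
    """Proactive check: score the distinct behaviours seen during emulation."""
    return sum(WEIGHTS.get(behaviour, 0) for behaviour in set(trace))

def scan(data, trace):
    """Try the signature first, then fall back to the behaviour score."""
    name = signature_scan(data)
    if name:
        return ("signature", name)
    score = heuristic_score(trace)
    if score >= THRESHOLD:
        return ("heuristic", "Suspicious.Behaviour (score %d)" % score)
    return ("clean", None)

if __name__ == "__main__":
    for sample, trace in TRACES.items():
        print(sample[:20].decode(), "->", scan(sample, trace))
```

The unseen variant has no signature yet and is flagged only by its behaviour, while the backup utility crosses the same threshold and is a false positive; raising the threshold removes that false positive at the cost of missing lower-scoring threats.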

Conclusion:

As the threat level increases for businesses, it is clear that traditional methods of protection need to be enhanced. When choosing a security solution, businesses should look at the threat landscape as it pertains to their business, and select accordingly. If, for example, the business has multiple mobile users, a solution with strong protection for mobile devices should be selected. One thing is certain: adding a security solution with intelligent heuristics will help secure a business’s network and prevent intruders from attacking it.

Bogdan Dumitru is the chief technology officer for BitDefender.

 