The most common question we hear following a malware infection or security breach is this: “How did this happen!?” In most cases, it’s difficult to find an answer to this question without hours of analysis. However, the vast majority of cases can be attributed to end-users being tricked into doing something by someone with malicious intent.

The standard protective measures consisting of anti-virus, spam filtering, and a firewall are critical components to keeping your network safe, and they will prevent a massive number of potential threats, infections, and breaches. Still, they will never be 100% foolproof. I often use the image of a bulletproof vest to describe the effect of these security layers: they’ll protect you from most shots, but they won’t make you invincible. Malware authors will always find new techniques and exploits. Malware is an arms race in which security vendors constantly patch exploits and close loopholes, only for another new threat to pop up right around the corner. Users will be fooled into believing something is legitimate. They’ll click through a half-dozen warnings from your security measures because they’re convinced these are false positives, only to find out hours later that they’ve been hit by CryptoLocker.
This is why it’s just as critical to train your end-users as it is to keep your security layers up to date. Malware authors will cleverly come up with new ways to circumvent antivirus and security checks, but in the end, a majority of malware still requires some kind of end-user interaction to breach your network. Over the next several days, we’ll highlight some of the most common ways users can be tricked into giving out confidential information or helping malware find a door into your system.