The most common question we hear following a malware infection or security breach is this: “How did this happen!?” In most cases, it’s difficult to find an answer to this question without hours of analysis. However, the vast majority of cases can be attributed to end-users being tricked into doing something by someone with malicious intent.

The standard protective measures consisting of anti-virus, spam filtering, and a firewall are critical components to keeping your network safe, and they will prevent a massive number of potential threats, infections, and breaches. Still, they will never be 100% foolproof. I often use the image of a bulletproof vest to describe the effect of these security layers: they’ll protect you from most shots, but they won’t make you invincible. Malware authors will always find new techniques and exploits. Malware is an arms race in which security vendors constantly patch exploits and close loopholes, only for another new threat to pop up right around the corner. Users will be fooled into believing something is legitimate. They’ll click through a half-dozen warnings from your security measures because they’re convinced these are false positives, only to find out hours later that they’ve been hit by Cryptolocker.
Let’s first of all define ‘botnet’. Botnets, sometimes referred to as zombie armies, are networks of computers infected with malware that force those machines to do a hacker’s bidding without the owner’s knowledge. How-To Geek has a more comprehensive definition, including helpful graphics, than we have time for here.
Over the last two years, a clever botnet program has allowed cybercriminals to take over unprotected computers and quietly generate profit for themselves. Redirector.Paco is the name of the malicious Trojan horse virus designed to
For the past year or two, a new type of malware, commonly known as CryptoLocker, has been in the wild. Rather than make it appear like you have a dozen viruses and demand money to remove them, the mischief-makers have escalated to permanently damaging or corrupting your files unless you pay to decrypt them. If this occurs, there are only two ways to get your files back: restore from an isolated backup or pay them, and paying them generally doesn’t work.
In most cases, if you’re a Bennett/Porter IT client, you have a backup system in place. However, please note that it is typically only the servers being backed up. In the event that a user is storing critical files locally, they may be lost if that person's workstation is infected. So, beyond standard anti-virus protection, how can you defend your network from this threat and minimize the damage if it gets through?