You think nothing of it, your Antivirus solution has flagged up that a virus, malware or spyware was stopped at the gate and you carry on with your day. Wouldn’t that be the ideal situation?
Many companies are using no or insufficient threat protection while having multiple users accessing sensitive information, possibly from remote locations. Let’s have a look at the potential threats and what can be done to stop them.
A computer virus, as the name suggests, is a program or application which is designed to “infect” a target PC for various reasons and gains. They could be financial, reputational or simply just to annoy. Malware, refers to a piece of software engineered to bring down or harm a machine, whereas spyware is usually transmitting data back to a command center (keystrokes, files etc).
There are many risks associated with viruses being detected on machines, let’s have a look at 10 examples of what could happen should you remain unprotected.
Most malicious software will propagate across a network relatively quickly. Common methods include network transmission, attaching itself to emails and jumping onto USB sticks. With that in mind, should you have 100 PCs which could be infected, without a managed Antivirus solution, this may involve you having to manually scan each machine to ensure that it’s not been compromised. This takes time, which leads us onto point 2….
The UK average salary is £29,000 which is where this figure is derived from. This isn’t just the direct cost of an employee having to complete the task, but generally, once infected, the machine would need to be scanned on startup, meaning that the end user cannot work while this is ongoing. It could be said, that the figure is much higher as the overall loss in productivity would be more than £7000. Outsourcing this task may involve further fees.
Viruses which attach themselves to emails may not just try to replicate themselves. Once in and attached, they could send anything via email from an employee’s account. You may have had to phone someone to tell them that you received a “dodgy looking email” from them and wanted to be sure it was from them. There’s no limits to what could be sent by an application, whether it’s fabricated material to actually sending company sensitive documents to a malicious mailbox (or everybody).
You login one morning, all of your icons have turned white and there’s a message on your screen. “To unlock these files, send 2 Bitcoin to this address. You have 24 hours”. (2 bitcoin is about $18,000 USD). People often comply, thinking that this will actually help, when infact, they’ve just paid the ransom with no chance of return. Once in this situation, without a backup, there is no going back. You’ll usually have to wipe the machine and hope that none of the servers or cloud services are infected.
Using a cloud solution such as OneDrive, Google Drive or DropBox is not a suitable backup method. As we use software which facilitates these file transfers (such as OneDrive being accessible in File Explorer), it’s still highly possible that any infection can spread to these services; deleting, editing, emailing, encrypting all of the files in there. If, for example, it was to target a Sharepoint instance, this will impact the entire company.
There are many products available. The ones to look out for are the hollistic approach of “Anti-Virus, Anti-SpyWare and Anti-Malware”. These usually cover all bases and are a good starting point to taking security seriously. They should ideally; monitor web traffic for malicious websites, scan email attachments (ideally before they arrive) and scan in real time. With this level of coverage, you will be mainly covered against the most common threats.
From a small business all the way up to a large corporate, every machine should be protected and somebody in the business should know whether each machine is protected. A large number of Cloud solutions are available for small businesses (which don’t cost a large sum of money) which allow real-time monitoring of devices (as long as they are connected to the internet) so that a global vision of your estate is available on one page.
Windows 7 went end of life on January 14th 2020. It hasn’t received any more security updates since this date. Due to this, malicious actors can look at the source code and find more ways to exploit the operating system. This is exactly what happened with the NHS in 2017, taking 16 hospitals completely offline, putting patient’s lives at risk. At the time, the operating system was Windows XP which had also just gone end of life. This cost the NHS £92m in total to recover from this incident.
A firewall is a software or hardware appliance which controls who (or what) can connect to which device. This is useful when running a Web Server or need access to something remotely. This won’t protect against malware unless you have a unified solution such as Sonicwall or Sophos (which usually require extra licensing from out of the box).
As long as you have some anti-malware solution installed too. Malwarebytes is good for that. We are Antivirus agnostic, but have a soft spot for BitDefender Gravity Zone as it provides a cloud-based monitoring solution with a whole host of extra features for Advanced Endpoint Protection should you wish to have them.
If you do think that there’s even the slightest possibility that you or your business may be infected, then please reach out to us and we will see what we can do. We offer a free 30 minute security consultation via Phone, Zoom or Teams. We also have a range of anti-virus solutions available for businesses of all sizes.