Protect your small business from malwareDate posted: 4/14/15 10:45:00 AM
The day when hackers only targeted large corporations is long over. Small businesses now find themselves among the frequent prey of cybercriminals. According to Rich Mogull, a security analyst for Securosis, the biggest risk for small and midsize businesses stems from bank account fraud targeting those smaller companies.
"We've seen cases where there have been fraud protections on the accounts, but once hackers find a set of credentials and log on to the bank website, they are still able to push that activity through," Mogull told Entrepreneur.
Kevin Haley, director of Symantec Security Response, a research division of Symantec Corp., said that many cyberthieves circulate malware on the Internet that is designed to collect usernames and passwords from a company's computers.
"There are a lot of bad guys out there that recognize that this is a good way to make money," Haley told Entrepreneur. "Some of them may not be that skilled, but they don't have to be because they can go buy tool kits and get into this business without even knowing much about technology."
Advancements in cyberassaults
Haley reported that malware technology is now so advanced, all a person needs to do is figure out how to infect a particular machine to make it widespread throughout a company. A criminal can do that by sending an email as an attachment or by breaking into a website and putting it into the HTML code so when a visitor clicks on the site, the website automatically downloads the malware onto the visitor's machine.
Malware has gotten so automated that all a bad seed needs is to figure out how to get an infection onto machines to open up a world of possibilities. Haley said criminals can even do it by "putting it into peer-to-peer networks and making it look like the latest Taylor Swift MP3."
CNN reported that a tactic called Spear Phishing is one of the most commonly used among cybercriminals.
Spear Phishing is a targeted attack that makes emails look like they've been sent from someone in the company or a commonly known business acquaintance. That makes it fairly easy for someone employed by the company to unknowingly open a malware-laden email, which will take them to a fake page where hackers are able to attach malware to their browser.
"Just one bad password used by an employee can lead to a breach that affects the entire company," Michael Kaiser, executive director of the National Cyber Security Alliance, told U.S. News.
Software that helps prevent malware
Most security experts agree that antivirus software is a solid tool crafted to keep out some of the more well-known viruses and attacks. But antivirus software alone won't be able to stop the slew of new malware designed by hackers.
"There are some basic things you should be asking yourself," Haley said. "'How many people have access to the online banking? Are they doing other things on their computers? How am I protecting those machines? Do I store credit cards as a part of my business? If I am, then how am I protecting those?'"
Small businesses should focus on where the most risk takes place, which is through web and email attacks. Organizations can take measures into their own hands by focusing on protecting those channels, which include employee email filtering and web-filtering technology.
Mogull also said that small businesses should consider purchasing business-class antivirus software compared to the consumer-class software. It might cost more upfront but it will also have added features designed to keep a small business safe.
- How to save $1000 (or more) on a budget - 1/19/18
- Overlooked home maintenance for every season - 1/5/18
- Winterizing your home and finances - 12/12/17
- Retirement plan options - 11/29/17
- Best time to buy a car: December - 11/29/17