Cyber Essentials Decoded: Malware Protection

Malware is a big cyber threat to any business, big or small. An attack can be devastating to your systems and data, not to mention your brand reputation. Therefore, leaders must consider what level of protection is needed to defend against these threats and look at all elements of their cyber essentials plan.

What is malware?

Malware is short for malicious software – things like computer viruses, worms, spyware, and ransomware. Their purpose? To infiltrate a computer system without the owner’s informed consent and with the aim of making money illegally through fraud, extortion and identity theft.

The data backs up the idea that malware is absolutely a real and present issue for American businesses, with reports that a quarter of American organizations were victims of ransomware in the past year. SonicWall states that despite a decline in malware attacks, ransomware volume shot up by 195% in the first half of 2019 with America being the most attacked country in the world.

Anti-malware can help prevent malware attacks by scanning all incoming data to prevent malware from being installed and infecting a computer. But there is more to the story, as anti-malware alone is not enough to offer full protection.

How does malware attack?

Usually, the most common way malware will be installed on your device is through a phishing attack. An example of this is when you receive an email from someone pretending to be your bank or another trusted institution asking you to open an attachment or click on a link. If you do click on that link, malware will attempt to install itself on your device.

Clicking on an advert that appears on a website or downloading software from a non-manufacturer approved source is another common way to infect a computer device with malware. Removable storage devices such as a USB stick can also bring a malware infection.

If you are hit by a malware attack presented as ransomware, you’ll be prompted to pay a ransom to get your data back. But this threat is not to be trusted as often after the ransom is paid, the files are not decrypted. This is known as wiper malware. For these reasons, it’s essential that you always have a recent offline backup of your most important files and data.

The different types of Malware

Oh, settle in and take a deep breath because there are quite a few! The list is quite extensive, which just highlights the importance of a well-rounded, fully planned strategy to protect your organization.

Types of malware include:

  • – Ransomware
  • – Zero-day Attack
  • – Computer Worm
  • – Rootkit
  • – Zip bomb
  • – Backdoor
  • – Logic Bomb
  • – Pop-up Ad
  • – Adware
  • – Pharming
  • – Dialer
  • – Polymorphic code

Protecting your devices with Cyber Essentials

So, how do we protect important operating systems and devices?

At Monterey Computer Corporation recommend five main defenses, which are also the five main strategies recommended by Cyber Essentials accreditation.

Anti-malware software
Anti-malware software will monitor your device for any malicious activity, and if it finds anything, it will destroy it before it causes any harm.

Many operating systems have anti malware already installed, but you absolutely cannot rely on this. You will need to ensure you have a system for applying anti malware software, and this will include purchasing a third-party malware protection software to be fully protected.

Application sandboxing refers to a strategy of software development that isolates applications from other system resources and programs. By limiting the environments in which certain code can execute, you can prevent unauthorized access to other resources unless permission is explicitly granted by the user.

Application whitelisting
This allows you to manage a list of approved applications that are allowed to run. This is a good strategy because by creating a list of trusted applications and allowing only those apps to run on managed devices, you are adding an extra layer of defense.

Patching allows you to keep the software on computers and your network devices up to date, which then means your systems can resist low-level cyber-attacks.

Firewalls & Secure Configuration
Firewalls are a great defense as they can monitor incoming and outgoing network traffic and then decide if the traffic needs to be allowed through or blocked. Coupled with a secure configuration strategy, where certain security measures are implemented when building and installing computers and network devices, you can then be reassured that you are protected against unnecessary cyber vulnerabilities.

Protect your business
Want to know more about the Cyber Essentials requirements? Our team at Monterey Computer Corporation can offer you the expertise and support needed to achieve Cyber Essentials certification or Cyber Essentials Plus certification. For practical help with your certification and cyber security, please get in touch with our expert team at Monterey Computer Corporation
Contact us today

Interested in Finding out more about our IT Service Desk?

Call us now +1 (831) 646 1147 or send us an email for a free consultation