8 threats that even antivirus cannot catch



Published in: Technology

Malware attacks and data thefts are on the rise, as recent news headlines show. Antivirus software alone is no longer enough. Antivirus programs block attacks by using patterns, or signatures, to identify malicious software code. This signature-based detection was successful when threats were fewer and spread over a longer period. Relying entirely on antivirus solutions will not serve the purpose now, because your system is exposed to threats in routine situations.

The whitepaper published by John Metzger, Senior Product Marketing Manager, and Jonathan Shaw, Product Manager at Sophos, highlights eight everyday threats for which we need to extend the protection of our PCs beyond a traditional antivirus program. Let us look at them and understand their implications:

1. The zero-day threat

Zero-day threats are malware threats that are not recognizable because they do not match earlier threats. As per the research report, “Zero-day threats can also exploit zero-day vulnerabilities, or previously unknown security deficiencies that software vendors have not yet patched.” In March 2011, unknown attackers unleashed a zero-day attack on the company RSA, infiltrating its servers and stealing sensitive information.

Preventive measure:
Run security scans on a regular basis to detect and remove the latest threats.

2. Working outside the firewall

The workplace has become mobile, and employees can now access their mail from outside: airports, hotels, cafes, or home. This access takes place over unsecured networks. Cyber criminals can exploit such vulnerable networks to push malicious software and spam through the Conficker worm.

Preventive measure:
Keep your operating system up to date by installing the latest patches.

3. The unpatched PC

As per the whitepaper, “One small unpatched vulnerability in an application, browser or operating system can lead to huge problems.” Hackers invade such unpatched computers with Conficker worms and instruct the infected PCs to transmit valuable information such as financial account credentials.

Preventive measure:
Download and install all the latest patches on your computer. According to a Gartner report, “90% of successful attacks against software vulnerabilities could have been prevented with an existing patch or configuration setting.”

4. The uncontrolled application

Many of our favorite personal applications, such as instant messaging (IM), social networking sites, peer-to-peer (P2P) clients, voice over IP (VoIP) and games, bring unacceptable risk or performance issues. As per the research, in 2010 the U.S. Federal Trade Commission sent letters to almost 100 organizations whose personal information, including sensitive data about customers and employees, had leaked onto P2P networks.

Preventive measure:
You can disallow the permission to install unwanted applications.

5. Web insecurity

One may visit inappropriate sites, knowingly or unknowingly. These sites often redirect to sites hosting fake antivirus programs, also known as scareware. Infection can even be spread from a compromised reputable site through browser plug-ins.

Preventive measure:
Use a URL filtering mechanism to block sites known to host malware, such as porn, hate, and gaming sites.

6. The lost laptop

The difficult thing about a lost laptop is recovering the exposed information. A study conducted for Intel in 2009 found that a single lost or stolen laptop could cost its owner approximately $50,000.

Preventive measure:
Data encryption is the remedy, and it should be used on all laptops and removable storage devices.

7. Misdirected e-mail

One typo can send your important documents and confidential data to the wrong e-mail address. Criminals can exploit this information to carry out identity theft.

Preventive measure:
You can ensure that files are encrypted before they are sent by e-mail so as to prevent any damage. You can also use data loss prevention software to warn the recipient user or block the file transfer.

8. The infected USB device

USB devices bypass your computer’s firewall protection and could be a source of malicious software.

Preventive measure:
Verify the authenticity of thumb drives and CDs before using them. Such removable media may be contaminated with malware. You can also use software that allows read-only access to such devices.

Conclusion

The best defense is to use an endpoint protection solution that provides multiple layers of protection, including live antivirus, behavior-based detection, web protection, application control, patch assessment, network access control, data encryption, data loss prevention, and device control.
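As an added illustration of the data loss prevention check described under threat 7 (this is example code written for this page, not taken from the whitepaper or any Sophos product), the Python sketch below inspects an outgoing message and blocks recipients whose domain is a near-miss of a trusted domain, and warns on attachments sent to unlisted domains. The allowlist `TRUSTED_DOMAINS`, the distance threshold of 2, and the sample messages are assumptions constructed for the example.

```python
# Added example: outbound e-mail check for the "misdirected e-mail" case.
# TRUSTED_DOMAINS and the sample messages are constructed for illustration.
from email.message import EmailMessage
from email.utils import getaddresses

TRUSTED_DOMAINS = {"example.com", "partner.example.org"}  # assumed allowlist


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_outbound(msg: EmailMessage) -> list[tuple[str, str, str]]:
    """Return (action, recipient, reason) findings; empty list means send."""
    findings = []
    has_attachment = any(True for _ in msg.iter_attachments())
    headers = msg.get_all("To", []) + msg.get_all("Cc", [])
    for _, addr in getaddresses(headers):
        domain = addr.rpartition("@")[2].lower()
        if domain in TRUSTED_DOMAINS:
            continue
        # A domain within two edits of a trusted one is most likely a typo.
        near = [d for d in TRUSTED_DOMAINS if edit_distance(domain, d) <= 2]
        if near:
            findings.append(("block", addr, f"looks like a typo of {near[0]}"))
        elif has_attachment:
            findings.append(("warn", addr, "attachment to unlisted domain"))
    return findings


def build(to: str, attach: bool) -> EmailMessage:
    """Construct a sample message (constructed test data)."""
    msg = EmailMessage()
    msg["From"] = "alice@example.com"
    msg["To"] = to
    msg.set_content("Q3 figures attached.")
    if attach:
        msg.add_attachment(b"constructed bytes", maintype="application",
                           subtype="octet-stream", filename="q3.xlsx")
    return msg
```

A mail gateway or client plug-in would call `check_outbound` before handing the message to the transport and act on the first `block` finding.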
