What is malware?
Software that intentionally seeks to cause damage to a computer or device. Malware is an umbrella term for many malicious software variants including viruses, ransomware, and spyware.
Current threats/trends:
- Malware is down overall, but attacks towards IoT devices have increased 50%. IoT devices include: Ring doorbells, home security cameras, baby monitors, smart light bulbs, etc.
- The US is the number one target for malware attacks
- Iowa is one of the top ten states in number of users that contract malware.
- Stay safe by changing the default password on your IoT devices and updating the firmware regularly (you can usually check for updates by using the associated app on your smartphone)
- Check reviews before purchasing IoT devices. If a particular brand is available at a much lower price point, they may have minimal security features.
General Recommendations
- Train your staff to read emails with caution: hover over links before clicking, check the sender information, have secure ways to share information outside of emails (for payroll, ACH, etc.)
- Consider using a security service to test your users for email and phishing knowledge – ITS can send bogus emails and track which users click and provide the requested information through the phishing link. This will help you know how savvy your users are and develop future training opportunities.
- Consider using a link protection service – we use a product through Sonicwall for our ITS email. Sonicwall opens and inspects each link we click in an email, and refuses to provide the connection if the link leads somewhere spammy or unsafe. A similar service keeps us safe from file attachments.
- Setup an external sender policy to help your users spot phishing attempts – when an email comes from outside of your domain, a message or tag is attached to warn your users that it came from offsite. This helps with emails that are designed to look like they came from a company administrator, but actually came from a cyber criminal. (like those emails requesting payroll information or gift cards)
- Use an antivirus software and keep it up-to-date
- Make sure your Windows devices are up-to-date – Windows 7 and Windows Server 2008 are no longer under support.
- Use a firewall and modern connection protocols to keep remote users connected safely to your servers and resources. Or, consider a cloud-hosted model to make remote work even more efficient!
Do you have questions about any of the threats listed, or are you interested in learning more about protecting your users and network? Contact ITS for more information on our security solutions!
Download the full report: https://www.sonicwall.com/2020-cyber-threat-report/