May 6th, 2014
Once your computer is infected with malware, it can be a long, complicated process to remove it. An infected system is at risk for data loss and risks spreading the malware to other computers. The best security is to keep the infection from ever happening. To do that, you need to know where malware infections typically stem from. At Business News Daily, Sara Angeles lists the most common tactics taken by malware to infect users.
A decade ago, pop-up ads were common online and were a common way of spreading spyware and other malware. The use of pop-ups has significantly decreased over the years and online advertising has become much more legitimate. However, there are still plenty of malicious online advertisements that have the singular goal of infecting users. Sometimes referred to as malvertisements, online ads exist that are capable of infecting users without even a click. The display of these ads can be enough to install malware on your machine. Usually, these ads are found on less than reputable websites, but through an intelligent attack, they’ve been known to plant themselves on trusted sites from time to time.
The traits that make social media so popular are also the primary reasons why it’s often the route of attackers. Messages received on social media are trusted because they appear to be from a friend or recognized contact. There’s also the sheer number of users. An attacker has a better chance of seeing his malware spread to thousands or millions of users on social media than through other avenues. Facebook messages and Twitter DMs are common ways to spread malware, but there are also malicious Twitter accounts that tweet out spam and malicious website links.
Smartphones enjoyed a short period of safety from malware, but as the mobile audience has grown, so has the amount of malware targeting it. Android users are at a much higher risk of malware due to the operating system’s open-source nature, but iPhone users have seen their share of security scares also. Malicious apps that are either downloaded from a third party or infiltrate the official app store are usually to blame for a mobile malware infection. Malware can also be spread to mobile devices through text messages, emails or through infected websites.
Regardless of the number and effectiveness of security tools you have in place, an unsuspecting and uneducated user is likely to encounter plenty of malware. Even those that know not to click suspicious looking links or download apps from outside the official app store can be duped. Malware developers use social engineering to manipulate users and make links irresistible. They play off of current news stories and promise deals that are too good to be true. If it didn’t work, they’d stop doing it, but there’s no end to these tactics in sight.
Much like social media, nearly every internet user also has an email account. Malware is commonly spread as an attachment to spam messages that claim to be from a trusted business, website or government agency. Users who download these attachments have their computer infected with malware, and often end up spamming their entire address book with malware and malicious links. This is another problem as other users receive messages that appear to be from a friend and instinctively trust the contents.
Malware is becoming more intelligent. Recent attacks have been able to hide themselves from security tools or encrypt a user’s files.
If your device is infected with malware, bring it to Geek Rescue or call us at 918-369-4335.
April 16th, 2014
It’s no secret that malware is an ever-present threat to internet users. It’s also no secret that while defenses against malware are steadily improving, the amount of malware being produced and its capabilities are growing. A recent study released by security firm Panda Labs confirmed the growing threat of malware, as Tony Bradley reports for PC World.
In their 2013 security report, Panda Labs found that about a fifth of the malware that exists was created last year. That speaks to the rapid growth of malware production. In 2013 alone, 30-million new threats were created, which breaks down to about 82-thousand per day.
Of these newly minted threats, about 70-percent are trojans, which are particularly troubling forms of malware capable of mining data and even controlling an infected computer while staying hidden from users and security tools. In total, Panda Labs discovered more than 20-million trojans. The rest of the malware was made up of a combination of worms, viruses and adware or spyware. Trojans were also responsible for the most successful infections and accounted for almost 80-percent of infections in 2013.
In terms of application vulnerabilities, Java was to blame for the most attacks. Exploits on a security flaw in Java led to successful attacks on Twitter, Facebook, Apple and Microsoft.
With so many forms of malware around, it’s amazing users aren’t victimized more often. Most users aren’t infected by malware often, but even becoming the victim of malware once each month would mean you avoided all but .0001 of all new threats. Given these statistics, it’s clear why experts warn that there’s no such thing as perfect security.
Panda Labs also agreed with the consensus that in the mobile world, Android is the most popular target for malware producers. They also sent a warning to users that more targeted attacks aimed at stealing data would be coming this year.
Users who are unprotected by security tools like antivirus programs run a significantly higher risk of becoming the victim of an attack. This could lead to the harm of your computer and the theft of your data.
For help securing your computer or recovering from an attack, call Geek Rescue at 918-369-4335.
April 15th, 2014
Spyware has been a problem for internet users since the mid-90’s. Software that is able to gather information, or spy on a user, without their knowledge falls under the umbrella of spyware. In 2007, an estimated 850-thousand computers in the US were essentially rendered inoperable by spyware, according to Consumer Reports. Since then, spyware hasn’t become less of a problem, but there are better ways to protect yourself from it. Steve Bell of the BullGuard blog has some tips.
First, it’s important to understand the typical ways spyware gets onto your computer. The most common method is to piggyback on other programs you download. For the most part, free software is free for a reason. While the spyware included might not be malicious, it is still not something you’d volunteer to have on your machine. Some software installation methods will let you opt out of additional programs and spyware that’s included, but others install it automatically.
In order to stay safe, it’s important to be careful about anything you download. Spyware can also stem from spam emails, links and advertisements. There are a number of antivirus tools that also protect you from spyware. There are even some legitimate, dedicated anti-spyware tools, but be careful. There are plenty of programs claiming to be security programs that are actually malware or spyware themselves. Not only will these programs infect your computer, they won’t offer you any protection at all from other threats.
If you’ve already been infected, or if you’re not sure, Windows users can head to the Control Panel and check the list of installed programs. If you don’t recognize some of the programs listed, there’s a chance they’re spyware. Before uninstalling, you might want to do some additional research.
Unfortunately, not every piece of spyware installed on your computer will show up this way. Some can even convince you that they have been uninstalled while actually remaining in operation. For these particularly nasty cases, you’ll have to rely on a trusted security application. It will be able to recognize the common characteristics of spyware and either block it before it is installed, or help you remove it.
If your computer is infected with spyware, malware, viruses or you’re having other issues, call Geek Rescue at 918-369-4335.
April 11th, 2014
A common piece of advice is to keep applications updated, especially antivirus programs, to try to keep up with constantly evolving cyber threats. At Dark Reading, Tim Wilson reports on the recently released Websense 2014 Threat Report that finds advanced, targeted attacks are more prevalent than ever before. This means that relying on out-of-date malware definitions and failing to patch vulnerabilities quickly are more likely to cause users to become victims of an attack.
Websense reports preventing more than 4-billion attacks in 2013. Almost all of these attacks were intelligently designed to bypass traditional security tools and pursue confidential data. The worry is that not only are the highly targeted, advanced attacks able to fool traditional security infrastructures, but attacks considered more common and able to affect users on a large scale are also using advanced tactics to avoid detection and prevention.
A common attack tactic is the use of malicious links, either on a website or included in an email. Clicking these links causes the download of malware, or directs users to phishing sites designed to steal log-in credentials or other important information. In 2013, 85-percent of these malicious links were found to be located on legitimate, trusted websites that had been compromised. This makes it exponentially more difficult to recognize and prevent this style of attack because the website being used isn’t designed as an attack site.
About one-third of all malicious executable files discovered in 2013 contained custom encryption of programs designed to remotely take control of a system or mine data from it.
There were also a reported 67-million exploit kits discovered throughout last year. An exploit kit is a way for developers with expertise to design an attack and sell it to others to be easily customized and launched at the target of their choosing. These kits make it easier for more criminals to launch an attack because it only takes money, rather than expertise.
The takeaway from the Websense report is that no user is safe. There are so many threats to your safety, you’re bound to run into one eventually. This report also speaks to the importance of being proactive in your security. Update and patch often and be looking for new ways to protect your network.
For help improving the security of your network at home or at the office, or for help recovering from an attack, call Geek Rescue at 918-369-4335.
March 28th, 2014
A recent study found that many businesses are falling short on basic security measures. While many use antivirus programs and similar tools, they fail to implement them or monitor them correctly, or fail to keep them sufficiently updated. This leads to vulnerabilities that could allow for costly attacks. Brian Prince of Security Week reports on the common vulnerabilities contained in most companies’ security.
Managed security provider Solutionary recently released a report about common threats and vulnerabilities they’ve observed with their clients. In it, they find that while nearly all companies understand that using an antivirus program is a necessity, many of them fail to properly maintain it. Because malware and attacks are constantly evolving, it’s already incredibly difficult for security tools to detect threats. When those tools aren’t kept up to date with the latest definitions, it becomes almost impossible for them to provide any real security.
Solutionary found that less than half of the malware that they captured in honeypots was detected by their clients’ antivirus programs. Compounding that problem is that many of these malicious items downloaded more malware to infected networks, which also wasn’t detected by the antivirus program in use.
Many of the vulnerabilities found in a company’s security reside in internal systems. Generally, this happens because external-facing systems are a known attack point. Businesses usually spend the majority of their security budget on protecting them. Internal systems, like operating systems and applications like Microsoft Office, are regarded as less important. Failing to properly update Windows or applications leaves known vulnerabilities exposed. A vulnerability in Microsoft Word could lead to a network-wide infection.
Missed updates for antivirus programs, operating systems and other applications happen because of a lack of asset management and because the IT security team doesn’t fully understand key pieces of the company’s infrastructure.
For help creating an effective security infrastructure for your business, call Geek Rescue at 918-369-4335.
March 27th, 2014
In a previous post, false positives were listed as a factor in ranking the best available security tools. Even for an individual user, false positives can hinder the effectiveness of your security infrastructure, but they become significantly more costly when applied to an entire company’s network. Ken Westin of The State of Security explains how false positives and an over-emphasis on security contribute to an insecure environment.
When’s the last time you heard a car alarm and reacted like there was a car in the area being broken into? The car alarm is a perfect example of false positives causing a lack of security. They go off constantly, which has made people ignore them in every situation. They’re now just noise.
In the case of security tools, antivirus programs that flag every download as a potential virus or even those that constantly warn you about a new application running with access to the internet turn into noise. If nine out of ten of the alerts you get from your antivirus program are safe to ignore, the one legitimate warning will likely be ignored also.
In a corporate environment, when the different security tools running don’t communicate with each other, they all flag the same perceived threat. Again, this puts IT professionals in a situation where it’s habitual to ignore security alerts, rather than investigating them.
The gut reaction to a breach of security is to add to the number of tools protecting a network. While that may help protect previously uncovered endpoints, it also creates an overlap of the existing tools. Without an infrastructure that works together, you’re just creating more noise and no more protection. In the case of many more complex security resources, staff will spend an exorbitant amount of time debugging and integrating these tools, which significantly decreases the amount of time available to monitor and mitigate threats.
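One way to cut the duplicate noise described above is to correlate alerts before anyone sees them, so that several tools flagging the same file on the same machine produce one incident instead of several alerts. The sketch below is an added example, not part of the original post; the tool names, host names, indicator placeholders and the five-minute window are all assumptions chosen for illustration.

```python
"""Collapse duplicate alerts raised by several security tools about one event."""
from dataclasses import dataclass, field

WINDOW_SECONDS = 300  # assumption: alerts within 5 minutes describe the same event

# Constructed sample alerts: (epoch seconds, reporting tool, host, indicator).
# Tool names, hosts and indicator strings are placeholders, not real data.
SAMPLE_ALERTS = [
    (1000, "endpoint-av", "ws-014", "FILEHASH-A"),
    (1012, "mail-gateway", "ws-014", "filehash-a"),
    (1030, "network-ids", "ws-014", "FILEHASH-A"),
    (1100, "endpoint-av", "ws-022", "FILEHASH-B"),
    (1120, "endpoint-av", "ws-022", "FILEHASH-B"),
    (5000, "endpoint-av", "ws-014", "FILEHASH-A"),
]


@dataclass
class Incident:
    host: str
    indicator: str
    first_seen: int
    last_seen: int
    tools: set = field(default_factory=set)
    raw_count: int = 0  # how many raw alerts were folded into this incident


def correlate(alerts, window=WINDOW_SECONDS):
    """Group alerts by (host, indicator). A new incident starts only when the
    gap since the previous alert for that pair exceeds `window` seconds."""
    open_incidents = {}  # (host, indicator) -> most recent Incident
    incidents = []
    for ts, tool, host, indicator in sorted(alerts):
        key = (host, indicator.lower())  # tools may differ in letter case
        inc = open_incidents.get(key)
        if inc is None or ts - inc.last_seen > window:
            inc = Incident(host, key[1], ts, ts)
            open_incidents[key] = inc
            incidents.append(inc)
        inc.last_seen = ts
        inc.tools.add(tool)
        inc.raw_count += 1
    return incidents


def triage_order(incidents):
    """Incidents confirmed by the most independent tools first, then oldest."""
    return sorted(incidents, key=lambda i: (-len(i.tools), i.first_seen))


if __name__ == "__main__":
    for inc in triage_order(correlate(SAMPLE_ALERTS)):
        print(f"{inc.host} {inc.indicator}: {inc.raw_count} alerts "
              f"from {sorted(inc.tools)} starting at t={inc.first_seen}")
```

On the constructed sample, six raw alerts become three incidents, and the one reported by three different tools is listed first.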
The tactics of attacks evolve quickly and there are more highly targeted attacks victimizing businesses than ever before. Since most security tools work by recognizing known characteristics and patterns of previous attacks, these tools are less effective at spotting and preventing threats to a network. That’s why it’s increasingly important to have a team in place to review data and activity so a breach can be detected early.
Effective network security requires an investment, but it needs to be made intelligently. For help creating a security infrastructure for your business, contact Geek Rescue at 918-369-4335.
March 25th, 2014
A primary concern for computer users is avoiding malware. Unfortunately, not all users make it a priority and often put themselves at risk by foregoing proper security tools. Surfing the web without antivirus or anti-malware applications in place is asking for trouble. But, with so many options available, how do you know which security tools are most effective? As Larry Seltzer of ZDNet reports, a recent test conducted by AV-Test Institute set out to find the anti-malware programs that are most trustworthy for Windows 7 users.
AV-Test Institute brought in a total of 34 anti-malware products to test, with 9 being for business and 25 for consumers. The testing involved malware detection, detection of zero-day exploits with no signatures, performance impact and false positives.
A good anti-malware program will be able to operate without slowing down your system. It’s also capable of detecting malware before it infects your system and capable of spotting zero-day exploits based on suspicious characteristics. The product that scored the best in these tests was Trend Micro’s Office Scanner 10.6. The top scoring consumer product was Bitdefender Endpoint Security.
Multiple products were able to detect all of the malware used in the test. On average, 94-percent of the zero-day malware was also detected.
Bitdefender’s consumer entry was able to detect all malware with no false positives and tied for the top score in the performance impact testing. Trend Micro’s Office Scanner was also able to detect all malware and scored the highest possible score on performance impact, but wasn’t able to make it through testing without any false positives.
For a full list of results and products tested, visit AV-Test.
With an effective anti-malware program in place, like many of those tested, users can feel secure and know that malware will be detected before it can do any real damage. Security programs need to be updated constantly, however, to give them any hope of detecting the latest malware threats.
If you’ve been infected by malware or would like to explore your options for better security, either at home or the office, call Geek Rescue at 918-369-4335.
March 10th, 2014
A common piece of security advice is to regularly update your antivirus program to protect against the latest threats. New malware is formed every day and it’s difficult for security applications to keep up, but it’s impossible if they aren’t updated daily. Alastair Stevenson illustrates the need for up-to-date definitions with his report at V3 that three new threats emerge every second of every day.
That statistic comes from security company McAfee’s Threat Report from the fourth quarter of 2013. Part of that report reveals that McAfee learned of 200 new attacks every minute, which likely means that the number of new attacks being launched is actually even higher.
Overall, in just the fourth quarter in 2013, 200-million malware variants were found by McAfee. That’s 90-million more than were found during the same time span in 2012. Experts believe one reason for this significant increase in malware production is the increase in “Point of Sale” malware, which refers to variants that are available to be purchased online by anyone and used without a need for expertise. This allows nearly anyone to launch an attack.
Malware isn’t targeting PC users alone, however. The report states that nearly 2.5-million new forms of malware targeting Android mobile devices were collected. That’s significantly lower than the amount of malware targeting PC users, but it’s nearly double the output of mobile malware from just a year prior.
Ransomware, the malware that encrypts or locks down files on your PC and demands payment to give you access to them, also saw a large jump in number of attacks in 2013. After 1-million observed forms of ransomware attacks in 2012, 2013 saw about 2-million.
The clear lesson here is that security on your personal devices and your company’s network is becoming even more important as more attacks are being produced and those attacks are becoming more intelligent.
For help improving security or help recovering from an infection or attack, call Geek Rescue at 918-369-4335.
March 7th, 2014
A recent survey on computer security revealed not only alarming numbers of victims of cyber crime, but also high numbers of users who have little to no security in place. The University of Kent, which is located in the UK, surveyed about 1500 adults in their study. Admittedly, it’s a small sample size so the numbers could be a little skewed. Even so, there are surprisingly high rates of malware infections, specifically with ransomware, as John Hawes of Naked Security reports.
CryptoLocker, a headline-making form of ransomware that encrypts files on victims’ computers and demands payment to release them, affected one in 30 of the survey’s respondents. Even worse, about 40-percent paid the ransom to have their files decrypted.
Those figures only pertain to CryptoLocker specifically. For all forms of ransomware, about one in 10 respondents confirmed they’ve been a victim. Even if you assume those numbers are slightly inflated, that’s a shocking amount of ransomware cases.
It’s particularly troubling when you combine the number of cyber attacks with the number of users who fail to put proper security measures in place. The survey also found that more than half of users weren’t using an up-to-date antivirus or anti-malware program. About a third of respondents reported they had no firewall in place on their network and about the same number failed to use proper password practices for maximum security on online accounts.
With that in mind, it’s no surprise that about a quarter of users in the survey were identified as being the victim of some sort of “cyber-dependent crime” with malware infections and phishing scams being the most popular.
Unfortunately, when it comes to the number of malware incidents, the actual number of infections is usually higher than what is reported. This is because malware, by its nature, stays hidden on most systems, particularly those with less than ideal security. Users may report that they’ve never been the victim of a malware infection, but in reality it’s difficult to say for certain.
The takeaway from this study and others like it is that no one is immune from cyber attacks. Malware can strike any of us, but those with less security in place are asking for trouble.
If you’ve been infected with malware, or would like to improve security at home or at your business, call Geek Rescue at 918-369-4335.
January 17th, 2014
A shocking number of small businesses don’t invest in security to keep their data, and their customers’ data, safe from hackers and malware attacks. Many small business owners believe they won’t be a target because they don’t have as much valuable data as larger competitors. From a hacker’s point of view, however, grabbing a few credit card numbers, or infecting a small network without having to bypass robust security, can be more attractive than trying to hack a complicated IT infrastructure. To help your business stay safe from cyber attacks, security expert David Campbell outlined some vital ways to improve security at Florida Today.
Updates to your operating system, antivirus program and vital applications are available nearly every day. There are so many updates because new vulnerabilities and pieces of malware are constantly being unveiled. To close flaws in security and eliminate bugs, you need to update constantly. Out-of-date applications tell hackers that known attacks will work against your network.
Do you know who can access your company’s data? You should be carefully tracking who is accessing your servers and from where. This way, you’ll be able to spot a potential attack before it does much damage. Also, be sure to restrict access for employees who don’t need certain files or applications. By limiting access to only those individuals who need it, you minimize risk.
Proper testing can be the difference between a hassle-free integration of new technology and an extended period of downtime. From a security standpoint, make sure any new software you introduce is compatible with existing security features. Even when you have set up an effective security infrastructure, changes to your network could present vulnerabilities.
In addition to watching who is accessing data, keep an eye on how much traffic is running through servers. A spike in traffic can be a warning sign that a third party is using your resources maliciously. By closely monitoring the use of your resources, you’ll be able to spot problems before they cost you money.
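The traffic check described above can be automated by comparing each interval against a baseline built from recent normal intervals. The following is an added example, not part of the original post; the hourly megabyte figures are constructed, and the history length, multiplier and minimum spread are assumed tuning values.

```python
"""Flag intervals where server traffic rises far above its recent baseline."""
from statistics import median

# Constructed sample: (hour label, megabytes transferred in that hour).
SAMPLE_TRAFFIC = [
    ("00:00", 98), ("01:00", 102), ("02:00", 100), ("03:00", 97),
    ("04:00", 103), ("05:00", 101), ("06:00", 99), ("07:00", 100),
    ("08:00", 104), ("09:00", 96), ("10:00", 100), ("11:00", 102),
    ("12:00", 105), ("13:00", 940), ("14:00", 910), ("15:00", 101),
]


def find_spikes(samples, history=12, k=6.0, min_spread_ratio=0.05):
    """Return [(label, value, threshold)] for intervals above the baseline.

    samples: (label, value) pairs for equal-length intervals, oldest first.
    The baseline is the median of the last `history` normal values, and the
    allowed spread is the median absolute deviation (MAD), which a single
    outlier cannot drag upward the way it would a mean.
    """
    baseline = []  # values judged normal so far
    spikes = []
    for label, value in samples:
        if len(baseline) >= history:
            recent = baseline[-history:]
            med = median(recent)
            mad = median(abs(v - med) for v in recent)
            # Perfectly flat traffic gives MAD == 0; enforce a minimum
            # spread so tiny fluctuations are not reported as spikes.
            spread = max(mad, med * min_spread_ratio)
            threshold = med + k * spread
            if value > threshold:
                spikes.append((label, value, round(threshold)))
                # Keep the spike out of the baseline, otherwise sustained
                # abuse would gradually come to look like normal traffic.
                continue
        baseline.append(value)
    return spikes


if __name__ == "__main__":
    for label, value, threshold in find_spikes(SAMPLE_TRAFFIC):
        print(f"{label}: {value} MB exceeds baseline threshold of {threshold} MB")
```

The first `history` intervals only build the baseline and are never flagged, so the check needs a period of known-normal traffic before it becomes useful.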
If you run a business, you have information that criminals find valuable. Eventually, a lack of security will cost your company money and credibility.
Don’t wait, improve security at your business today by calling Geek Rescue at 918-369-4335.