Malware Malware Everywhere.

Malware attacks are on the rise. According to Wikipedia, “Malware, short for malicious software, is any software used to disrupt computer or mobile operations, gather sensitive information, gain access to private computer systems, or display unwanted advertising.”

Data breaches are all but inevitable. You’ve heard about the recent attacks that embarrassed Sony, Ashley Madison and Yahoo. The problem is more far-reaching than those high-profile cases. One survey found that 90% of large organizations and 74% of small businesses were attacked between 2014 and 2015. The real number is likely higher since these were only discovered attacks.

Do not surrender.

Do not throw in the towel and let cyber criminals exploit your valuable information at will.  To counter the rise in cyber attacks, the cybersecurity market is also growing and becoming more sophisticated.

Performing regular cyber threat assessments can give you an accurate picture of your security needs and help you stop malware.  Your comprehensive strategy should include:

• Identifying threats.
• Defending against those threats.
• Knowing how to respond quickly when there’s a breach.

Malware Lying in Wait.

Surprisingly, for all of the turmoil malware can unleash, many companies don’t even realize they’ve been breached until well after the fact.  Sophisticated malware can lie dormant and go undetected for months. On average, it takes 146 days to detect a breach.

Of course, malware needs to first gain entry into your system.  Cyber criminals use zero-day attacks, but also take advantage of unpatched vulnerabilities and outdated systems.  Over 99% of vulnerabilities are still being exploited more than a year after they were published.

Human error is also a major concern, with many social engineering strategies finding success. Compromised credentials (passwords) are still a popular way criminals gain access.  Insider threats are especially dangerous since they make it easier to circumvent security controls.

Prevention is the best policy.

Once malware is in your system, time is of the essence. Being able to detect a data breach requires an understanding of “normal” conditions and behaviors in your network environment. Performing regular cyber threat assessments can give you an accurate picture.

First off, you need to look for common warning flags.  These may include:

• Reduced operating speeds across your network.
• Systems restarting or shutting down unexpectedly.
• Security software not working.
• Unusual IP’s showing up in your reports.

It’s important to stay vigilant.  Look for patterns and trends throughout your system. If something doesn’t look quite right—question it.  Remember that employees are potentially weak links, so pay special attention to their behaviors.

Running validation tests will help you pinpoint application vulnerabilities, detect malware and botnets, and make it possible to share threat intelligence. Assessments are essential for prevention, as they will help you understand your vulnerabilities and allow you to focus your cybersecurity technology investments in the right area.

Are you ready for a cyber threat assessment? Fortinet offers a free cyber threat assessment, online.  We (Cameron Park Computer Services) can help you assess the results and prevent threats from wreaking havoc in your environment.

Inspired by http://blog.ncanet.com/blog/how-to-detect-data-breaches-before-its-too-late1493316011.