A Layman’s Guide to Digital Threats and How to Prevent Them

Digital security has become one of the top priorities for businesses in the modern world. The issue is that many business leaders outside of the IT Director or Chief Information Officer (CIO) in many companies don’t know much about the threats their business is facing on a day-to-day basis or how to address such threats.

As your partner in IT, Dox has put together this blog outlining some of the most common digital threats looming over businesses today. Below, we have simplified a few of the dangers your business may be forced to face and how to protect yourselves from them in layman’s terms that everyone from the board room to the break room can understand.

Phishing

As the name implies, phishing is a malicious attempt to obtain sensitive information such as usernames, passwords, and credit card information using bait. A cybercriminal will often disguise themselves as a trustworthy entity in an electronic communication, typically an email, and ask for personal data to “help” you or your employees “fix” a situation. For example, someone may pose as a vendor asking an employee for privileged information that could lead to devastating results for your business.

There are programs available from companies such as Sophos that prevent phishing scams from squeezing through your business network. In addition, most popular internet browsers can be customized with anti-phishing toolbars to help address phishing. You also need to employ high-quality firewalls to shut down phishing before it can disrupt your business. Finally, you should keep abreast of phishing techniques and educate employees so they think before they click on links on trusted sites, random emails, or instant messages.

Ransomware

Ransomware is yet another malicious software program employed by bad actors. It’s just like what it sounds: A hacker seizes your valuable business data and threatens to destroy or publish it unless you pay a designated ransom. The issue is that even if you do pay, you may never recover your data and your business’s reputation may be irreparably damaged.

Computers infected with a virus are open to ransomware infection as well. Viruses and ransomware are often introduced to a computer network when an employee is tricked into clicking on a link. For example, an employee may receive an email that looks completely legitimate from a company such as FedEx that requires them to click a link to receive a package. Once the link is clicked, the ransomware invades the system, encrypting the hard drive and locking businesses out of their own computer files including everything from emails to proprietary data.

To prevent an invasion of ransomware, there are software products businesses can purchase to prevent ransomware from entering a computer network including anti-virus programs. Additionally, all digital information should be backed up daily to a secure, offsite location such as the cloud. Again, training your staff on best practices for cyber security is always necessary as they are another line of your business’s defense.

Viruses

Just like a virus that people can catch, computer networks can also catch a virus. Just as germs travel from one item or person to the next, a digital virus is a piece of mini-software that can attach itself to technology businesses use every day from spreadsheet programs to email. Each time the infected program or software is used, the virus spreads to other users or programs.

Email viruses spread as attachments in email messages and can reproduce by automatically mailing itself to dozens of people in your address book. Some email viruses don’t even require someone to double-click on them. They will launch their destructive payload when the infected message is previewed in your email software, which is one reason why it’s so important to never open an email you aren’t expecting from an unknown source.

To prevent a virus from infecting your business network, you’ll want to install a quality, business-grade antivirus program on all devices in your network. The free antivirus programs you find online or that come free from your internet provider are simply not going to do the job. Professional, business-quality antivirus protection programs that update frequently throughout the day will address the changing landscape of viral threats. They will also often protect against a variety of threats such as rootkits (see below) in addition to traditional viruses and will offer additional protective features.

Rootkits

Another threat that can hide and linger undetected in your network is a rootkit. It is a computer program that sneaks into your network and provides a cybercriminal with continued, privileged access to your network as long as it goes undetected. Through the use of a rootkit, a bad actor can maintain control over a computer without the owner or user realizing it. On a computer infected with a rootkit, a cybercriminal can access a business’s log files, spy on the internet habits of a computer user, and steal valuable information.

Rootkits often penetrate computer systems by attaching themselves to software a user trusts and downloads or to viruses that make their way into a network. A strong, professional antivirus program will often prevent rootkit access in addition to viruses. Be sure to ask your IT provider if your antivirus includes rootkit coverage.

Malware

Yet another form of malicious software, malware typically sneaks its way into your computer systems in ways similar to ransomware. Depending on the form, malware can spy on a user’s online habits, obtain passwords with tracking of keystrokes (known as keylogging), and read emails. Some forms of malware can hijack a computer browser and direct users to web pages that phish for personal information.

Like ransomware, antivirus programs often cover malware but it’s always good to ask your IT personnel how thoroughly your network is covered. Employees need to be trained on proper precautions to take while surfing the net on their work devices from desktops to laptops and tablets. Make it a general practice that employees only click on websites they trust and never volunteer private information such as passwords. Remind them that even cell phones can become vulnerable as they are just smaller computerized devices.

Trojan Horses

A Trojan horse is a computer program that claims to do one thing but instead causes damage to your network when you use it. Trojan horses are a form of malware that can cause real issues for businesses. They can be designed to do just about anything from creating a remote backdoor to computer systems to erasing hard drives leading to a loss of innumerable man hours of work and proprietary data.

Additionally, some Trojans are set up to install keyloggers to steal passwords or other forms of spyware. They can be set to run every time a computer is restarted. There are even mobile Trojans that often pretend to be cheaper versions of popular smartphone apps.

While detecting Trojans can be difficult, the good news is Trojan horses cannot self-replicate the way viruses can. Most business-class antivirus programs will block the installation of known Trojans. Make sure to ask if your program covers this form of malware.

Worms

A small piece of software, worms use computer networks and security holes to replicate themselves. A worm can scan a network for other computers and devices that have a specific security hole within a network. It then copies itself and invades the new machine and continues to replicate from there.

Traditional worms were created simply to spread, disrupting the bandwidth of networks slowing them to a snail’s pace without altering the function of a system. Newer versions of worms can be written to actually carry a nasty payload that can do real damage to a network. As worms become more advanced, they have the potential to stop businesses in their tracks.

To prevent worms from working their way into your business network, be sure to maintain an up-to-date antivirus protection program that also employs a firewall such as those offered by Avast. In addition, warn employees to be careful with file-sharing networks and suspicious attachments or links.

Spyware

Spyware is software, specifically a type of malware (see above), that enables a user to steal private information from an individual’s or business’s computer by transmitting data secretly from the hard drive. Hidden from the user, spyware can gather information such as passwords, watch your keystrokes, and internet interactions. In addition to accessing private information, spyware can negatively impact the function of a computer from slowing connection speed to changing computer settings or even disrupting network connectivity.

Another threat that piggybacks on trusted products, spyware is typically launched when a user installs a piece of free software. It can also be installed accidentally through a Trojan horse while pretending to be a desirable piece of software.

To fully address the threat of spyware, Dox recommends installing a professional, business-grade anti-spyware program. These are required to prevent infections and fully remove those that may already have infected your network. Many anti-virus programs now offer anti-spyware protection as well but not all of them do so be sure to ask your IT professional if your antivirus handles spyware or not.

If you have any remaining questions about any of these threats, how to prevent or remedy them, please contact Dox at https://www.doxnet.com/contact-us/. The experts at Dox have experience with each of these issues and can easily assist you with a solution to them with a wide variety of products to fit your budget. We can even help you with employee training to protect your business.

Thank you for your time and stay safe online!