White paper from G Data informs how companies can protect themselves
September 2009 by G DATA
How do viruses, Trojans and worms get onto business computers? What’s the purpose behind malware distribution? Who develops malware and who profits from it? It’s not only the standard PC user who is kept busy by these and lots more similar questions. In particular, safety experts and administrators, responsible for the trouble-free running of the company network, are interested in the modus operandi of the cyber criminals so that they can optimally protect themselves and the IT environment entrusted to their care against attackers. The G Data white paper "How does malware get onto business computers?" answers these questions.
Online criminals act quickly, leave no traces and target their prey in a clinical manner. If the infection manages to reach a few individual company PCs or even the entire network, the consequences for the company concerned are disastrous. Sometimes, especially where small and medium sized enterprises are concerned, the result is a fight for economic survival.
Ralf Benzmüller, manager of G Data Security Labs knows all about the dilemma: "Once a virus or worm is active, the company has generally already suffered loss or damage and the administrator can now only limit the damage as far as possible by quick reaction. It is just as vital to provide effective protection against the attempts of eCrime gangsters to smuggle malicious code into the network. To provide more effective defence, it is a great advantage to know the background, who is developing malware for what purpose as well as the methods used for its distribution."
eCrime: Million dollar salaries for hackers
The motivation of hackers has changed greatly over the past few years: whereas before you could talk about competitive tests of strength between fellow computer specialists, now the developers of malicious viruses and worms are motivated purely by financial gain. "Ultimately the trading in stolen data and accounts is aimed at making a fortune - even drug dealing with its million dollar turnovers can no longer keep up," as Benzmüller knows.
Door opener: USB stick as a virus carrier
A network infection can take place via web pages, email or files sharing services and instant messaging. Also data media such as USB sticks or CDs/DVDs can contain malicious software. As the PC user has, over the years, developed a lot more risk-awareness when it comes to opening email file attachments, a strategy change has taken place: instead of file attachments, the eCrime players now transport their malicious code via links to apparently interesting websites. One click on such a link is often sufficient to infect your computer with malware or sign it up as part of a botnet.
Five tips for effective computer protection
So how do you protect yourself against such undesirable attacks? Security expert, Ralf Benzmüller, has the following suggestions:
Virus protection should be installed both on servers and clients. This should also check the HTTP data stream and, if necessary, the data from chat sessions (ICQ, IRC) for malware. Portable devices such as notebooks and netbooks must be integrated in the security concept and protected with independent virus protection solutions and personal firewalls.
As emails now only contain links to harmful websites rather than attachments, spam protection simultaneously forms part of malware protection. Here you must install content-independent solutions.
Firewall, intrusion detection/ prevention Data from network traffic can be used to detect and prevent on-going attacks from Internet worms.
The security measures must be accepted and supported by the employees. Regular provision of information about Internet risk sources reinforces employee security know-how.
Award winning antivirus protection: business software from G Data Just recently G Data was able to demonstrate its particular skills in the area of corporate virus protection. Not without reason, G Data’s corporate solutions were, in May, awarded top marks in a one-off comparison test carried out by the well known Austrian research laboratory, AV Comparitives. (Test report under http://www.av-comparatives.org/imag...). The scalable solutions provided unbeatable protection for networks in small, medium and large companies. According to requirements, administrators can choose between the following products: AntiVirus Business 10, AntiVirus Enterprise 10, ClientSecurity Business 10, ClientSecurity Enterprise 10 and MailSecurity 10.