Attackers no longer go after our firewall. They go after individuals.
For many years, viruses have been the bane of many a business. There have been stringent measures taken out by staff or IT companies to protect work and home computers from viruses that could cause damage to productivity.
Are these days over? Virus protection is only a small component now of an overarching cybersecurity threat where viruses are now no longer the medium by which outside threats will look to harm your business. There have been multiple attempts over the years to provide the “perfect” antivirus software, with both negative (MacAfee) and positive (AVG) results. Malware and viruses will always be a consideration for any IT usage – but as mentioned above there are more threats now than ever before.
Virus protection isn’t enough to cover the sheer amount of threats facing a businesses IT infrastructure. Firewalls and Virus protection software has its place, but even the best software in the world won’t save your data if one of your senior staff members has a weak password.
A simple survey of the personal virus protection of one of our clients suggested that there was now no real importance placed on this software in their personal lives as most had either “free” or “bundled” antivirus packages and in over 50% of cases they relied entirely on Windows Defender or believed Macs didn’t get viruses anyway. Macs had a 726% increase in malicious attacks in 2017 according to Symantec.
The new focus of hackers and phishers is passwords, email access and data acquisition – not usually obtainable through viruses, they focus now on the lax nature of users. Password brute forcing has always been a threat, but now with faster methods and multiple sessions able to be run by more modern software – this is the weak point of many infrastructures. Users are advised to have multiple passwords, multiple accounts and to have conditional access or multi-factor authentication. By obtaining passwords, hackers are now able to log in to almost every account a user has across multiple devices.
Being signed in to Google is a classic example of this. By being signed in to Google on your home PC and your mobile – you’re walking around with not only your entire browsing history, but all your saved passwords, site details and account logins. This can be obtainable through Bluetooth software phishing or NFC “bumping” into unsecure devices. By compiling lists of this information, hackers have a more streamlined approach when attempting to breach a user’s private data. By segmenting the data that this information can provide – security questions and answers, dates of birth, names, addresses and even payment details can be attained. Passwords then, are the new viruses.
The protection of data is now more important than ever. As always, your IT Service provider should be at the forefront of Cyber Security, providing up-to-date information on potential threats and providing adequate analysis of your infrastructure. If you require an audit of your current IT services, then please do get in touch and speak to a member of our team.
On a personal level – it could also be worth performing an audit of your current accounts and passwords. If you’re using the same passwords or weak passwords, then it might be worth changing some of them!