AV (anti-virus) protection is not in the headlines much these days, because coverage normally coincides with high-profile, widespread malware outbreaks. However, dangerous malware is still a very real threat and it is important to stay up to date.
The term ‘malware’ covers all kinds of malicious software, including Trojans, viruses, and ‘ransomware’, where the user is persuaded to pay to get access to their system back.
It may seem reasonable to assume that once out of the headlines, a particular piece of malware is no longer a threat. However, this is a dangerous assumption, as malware can circulate ‘in the wild’ for years. For example, the ‘Conficker’ malware is now 7 years old and there have been many new variants in that time. Although AV software will have been updated to detect malware and new variants as they are discovered, an out-of-date product version, a missing Windows patch or poorly configured settings may still leave your system at risk.
A review of the health of your AV product is always worthwhile, to make sure it is running at the latest product version and is providing effective protection.
Let’s take a look at the current top 10 threats – how many have you heard of?
1. Conficker/Downadup — A worm exploiting a vulnerability in Windows to spread via the web, network shares and removable media.
2. Kilim — Browser extension that posts unwanted content to Facebook.
3. Sality — A virus family that infects EXE files and hides its presence to kill processes, steal data and perform other actions.
4. Ramnit — Infects EXE, DLL and HTML files. Variants may also drop a file that tries to download more malware from a remote server.
5. Autorun — A family of worms that spread mostly via infected removables and hard drives, and can perform harmful actions like stealing data and installing backdoors.
6. Majava — A collection of exploits against Java vulnerabilities. A successful attack can, among other things, give the attacker total system control.
7. Rimecud — A family of worms that spreads mostly via removable drives and instant messaging. Can install a backdoor that allows a remote attacker to access and control the system.
8. Anglerek — A collection of exploits for multiple vulnerabilities. At worst can give the attacker total system control.
9. Wormlink — Specially crafted shortcut icons used to exploit the critical CVE-2010-2568 vulnerability in Windows to gain system control.
10. Browlock — A police-themed ransomware family that steals control of the user’s system, allegedly for possession of illegal materials, then demands payment of a ‘fine’ to restore normal access.
Prevention is better than cure
Here at Taylor Made we work with businesses that require the highest standard of protection against malware and we use our Managed AV solution to achieve this. Based on BitDefender, it’s fully integrated with our centralised monitoring and management system. This means that product and definition updates can be centrally managed and swiftly deployed when required.
Our engineers will be alerted when a device is running an out-of-date version of the AV, enabling us to alert our customers and arrange to get it updated without delay.
Managed AV is charged monthly per device, so it can be scaled to meet your business’s exact needs.
Here at Taylor Made our service desk often has to deal with malware-infected machines from customers not using Managed AV. Perhaps there was an existing anti-virus product installed, but it was not fully up to date or was running an old product version, which left the machine vulnerable.
Don’t risk this being one of your machines!
Source for top ten list: http://betanews.com/2015/04/23/conficker-remains-top-of-the-threats-as-existing-malware-for-windows-dominates/