Thursday, February 25, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Privacy

How SMBs Can Mitigate the Growing Risk of File-based Attacks

October 2, 2019
in Internet Privacy
How SMBs Can Mitigate the Growing Risk of File-based Attacks
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Cases of document-based malware are steadily rising. 59 percent of all malicious files detected in the first quarter of 2019 were contained in documents.

Due to how work is done in today’s offices and workplaces, companies are among those commonly affected by file-based attacks. Since small to medium businesses (SMBs) usually lack the kind of security that protects their larger counterparts, they have a greater risk of being affected.

You might also like

Online Trackers Increasingly Switching to Invasive CNAME Cloaking Technique

Experts Warns of Notable Increase in QuickBooks Data Files Theft Attacks

Critical RCE Flaws Affect VMware ESXi and vSphere Client — Patch Now

Falling victim to file-based malware can cause enormous problems for SMBs. An attack can damage critical data stored in the organization’s computers. Such loss can force a company to temporarily halt operations, resulting in financial losses.

If a customer’s private and financial information is compromised, the company may also face compliance inquiries and lawsuits. Their reputations could also take a hit, discouraging customers from doing business with them.

But despite these risks, SMBs still invest very little in cybersecurity. Fortunately, new and better solutions specifically focused on file-based attack protection like malware disarming are emerging to deal with file-based attacks. They’re becoming more accessible too.

Security solutions provider odix even recently received a 2 million euro grant from the European Commission recently to bolster its move to bring its technology to SMBs.

In the midst of rising threats, here are some ways on how SMBs can mitigate file-based attacks.

1 – Disarming Malware

File-based attacks involve malware that is kept hidden in a seemingly legitimate document. When a user opens the file, the malware is activated.

Depending on the payload, the malware can destroy or steal data. Many organizations continue to rely on antiviruses to deal with these attacks.

However, hackers are now using more sophisticated polymorphic malware that automatically changes to evade signature-based detection employed by antiviruses.

Companies can also use air-gapped sandbox computers to scan and test documents, but this often requires dedicated hardware and personnel to manage.

Malware disarming is emerging to be the preferred way to prevent file-based attacks. Unlike conventional as antiviruses and sandboxes, such solutions can perform advanced scans that can detect sophisticated malware.

But aside from merely scanning the files, the documents are then sanitized, eliminating malicious codes. odix, for example, uses its TrueCDR (content disarm and reconstruction) technology to ensures that that the files are perfectly usable after cleanup.

2- Using Email with Strong Spam Filters

This year, 293 billion business and consumer emails were sent and received per day on average. This number is predicted to rise to 347 billion by the end of 2023.

With this, spam continues to increasingly become an effective cyberattack method. People clicked on links in 14.2 percent of spam emails in 2018.

Work emails are just as exposed. Employees are likely to click on spam email links and download and run potentially dangerous attachments.

Some small businesses may rely on the free email accounts that come with their website hosting packages. Unfortunately, such accounts are often poorly-secured and do not have the necessary security and filtering features that screen malicious emails.

To thwart these threats, companies can integrate stricter spam filters that can safeguard all inboxes of the company by blocking spam emails.

A more stringent measure is to adopt a solution like odix Mail. It acts as a mail proxy for the company’s mail server. All attachments contained in incoming emails are intercepted. These are then scanned and sanitized using odix’s core engine. Once these files are cleaned, they are reattached to the message and finally sent to the intended recipient’s inbox.

3 – Being Wary of Removable Media

Flash drives, external webcams, and other USB peripherals can be weaponized to infect a device or network.

However, employees tend to plug in media and devices without much care, thinking that antiviruses can readily check for malware via real-time security.

Unfortunately, hackers can cleverly disguise malware in these removable media to evade standard scans. Weaponized USBs are also used to breach even air-gapped systems.

SMBs can counter USB-based threats ensuring that no unauthorized personnel can plug in USB peripherals to their computer system. Network and operating system policies can be defined to withhold privileges that allow the insertion of removable media on workstations.

As an alternative, companies can use tools like odix’s Kiosk product which is a dedicated file sanitation workstation where users can insert their removable media.

The Kiosk acts as a gatekeeper to all files contained in USBs and disc drives. These documents are examined and cleaned of potential threats, ensuring that no malicious files from such media ever get sent over the network. The sanitized files can then be sent to the user’s email.

4 – Training Users to Avoid Phishing

Preventing file-based attacks also requires users to change their mindset and behavior. This includes making sure that they don’t fall for social engineering attacks like phishing.

Phishing is the fraudulent practice of sending deceptive emails to extract personal and financial information from an unsuspecting victim. The wide use of email has also made it one of the preferred methods of cybercriminals.

Phishing emails are carefully crafted to imitate real correspondence from trustworthy sources such as government offices, HR, or financial institutions.

SMBs should provide proper training to their employees to teach them to spot suspicious emails and links. Staff should also be trained to always check any file downloaded online or from emails for safety and legitimacy.

Having solutions like odix in place does help minimize the potential exposure of companies since tasks such as checking attachments and work documents are automatically performed. Still, it pays to have employees with the proper knowledge on how to safely and adequately use technology resources.

5 – Improving Access Control

Most SMBs use servers or cloud storage to keep and share files to clients and employees from any device at any time. These can be a cost-effective solution that also prevents sensitive data loss.

However, without appropriate security measures, these online components may be exposed to attacks.

Users may use weak passwords for their accounts which hackers can easily crack to gain access to these repositories. Not only can they steal data, but they can also implant malware in the stored documents to further spread malware.

To make sure that all accounts are made safe, companies can use identity and access management (IAM) platforms. An IAM service can authenticate employees and give them access to different applications or files in the cloud. It also features multi-factor authentication to provide additional security to protect from unauthorized access.

Taking Security Seriously

Some SMBs assume that cyber criminals will only target big corporations. But there’s no such thing as “too small” for hackers these days. Cybercriminals like to target SMBs precisely because of this mentality.

With 43 percent of cyberattacks targeted at SMBs, it is only prudent for organizations to take cybersecurity seriously. Enterprise providers like odix are now also expanding their reach to SMBs, so modern solutions are already within reach.

By equipping themselves with the necessary tools and training their employees on how to protect themselves from cybersecurity threats, SMBs are not only safeguarding their business but also their customers and staff as well.


Credit: The Hacker News By: noreply@blogger.com (The Hacker News)

Previous Post

Facebook Crypto Libra Crumbling as Visa, Mastercard Consider Quits: Report

Next Post

Google launches Password Checkup feature, will add it to Chrome later this year

Related Posts

Online Trackers Increasingly Switching to Invasive CNAME Cloaking Technique
Internet Privacy

Online Trackers Increasingly Switching to Invasive CNAME Cloaking Technique

February 25, 2021
Experts Warns of Notable Increase in QuickBooks Data Files Theft Attacks
Internet Privacy

Experts Warns of Notable Increase in QuickBooks Data Files Theft Attacks

February 24, 2021
Critical RCE Flaws Affect VMware ESXi and vSphere Client — Patch Now
Internet Privacy

Critical RCE Flaws Affect VMware ESXi and vSphere Client — Patch Now

February 24, 2021
Shadow Attacks Let Attackers Replace Content in Digitally Signed PDFs
Internet Privacy

Shadow Attacks Let Attackers Replace Content in Digitally Signed PDFs

February 24, 2021
Experts Find a Way to Learn What You’re Typing During Video Calls
Internet Privacy

Experts Find a Way to Learn What You’re Typing During Video Calls

February 23, 2021
Next Post
Google launches Password Checkup feature, will add it to Chrome later this year

Google launches Password Checkup feature, will add it to Chrome later this year

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Machine learning speeding up patent classifications at USPTO
Machine Learning

Machine learning speeding up patent classifications at USPTO

February 25, 2021
How to Make Data Annotation More Efficient? | by ByteBridge | Feb, 2021
Neural Networks

How to Make Data Annotation More Efficient? | by ByteBridge | Feb, 2021

February 25, 2021
How to Nail Virtual and Digital Communication
Marketing Technology

How to Nail Virtual and Digital Communication

February 25, 2021
Google funds Linux kernel developers to work exclusively on security
Internet Security

Google funds Linux kernel developers to work exclusively on security

February 25, 2021
Online Trackers Increasingly Switching to Invasive CNAME Cloaking Technique
Internet Privacy

Online Trackers Increasingly Switching to Invasive CNAME Cloaking Technique

February 25, 2021
Off-chain reporting: Toward a new general purpose secure compute framework by Chainlink
Big Data

Off-chain reporting: Toward a new general purpose secure compute framework by Chainlink

February 25, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Machine learning speeding up patent classifications at USPTO February 25, 2021
  • How to Make Data Annotation More Efficient? | by ByteBridge | Feb, 2021 February 25, 2021
  • How to Nail Virtual and Digital Communication February 25, 2021
  • Google funds Linux kernel developers to work exclusively on security February 25, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates