It’s finally 2021, and towards the end of 2020 the world experienced one of the largest cyber breaches in history. A commonly used security software company by the name of SolarWinds was breached. This caused thousands of businesses globally to be affected by potential malware, in effect our own global cyber pandemic. Trust in security tools is important, but an overreliance on one solution leaves us more vulnerable than ever before.
One tool is not going to be enough to keep you protected from breaches. The belief that it is enough is a common misconception about antivirus software, and it follows IT infrastructure everywhere.
What is anti-virus software?
Anti-virus software is a type of EPP or “endpoint protection platform”. EPP, according to Gartner, is a “solution deployed on endpoint devices to prevent file-based malware attacks, detect malicious activity, and provide the investigation and remediation capabilities needed to respond to dynamic security incidents and alerts.”
Older legacy antivirus software identifies threats with signature-based malware detection. The problem with that is twofold:
- Older antivirus software has to be constantly updated, and most software-based signature tools can’t keep up with malware threats in real time. Even if the signature-based repositories are capturing and updating devices on a weekly or daily basis, this won’t stop a fileless attack from entering a corporate network or device.
- Signature-based detection is just that: it catches one type of malware, the kind identified by specific known signatures. Unfortunately, we live in a world inundated with polymorphic malware that is not detected by signature-based detection alone.
What is polymorphic malware?
Polymorphic malware is a type of malware that constantly changes its identifiable features in order to evade detection. Many of the common forms of malware can be polymorphic, including worms, viruses, bots, trojans, and keyloggers.
Thanks to new technology and advanced tools such as behavior-based threat detection, there are ways to identify and prevent polymorphic malware. In one recent study, Digital Guardian researchers found that 97% of malware infections employ polymorphic techniques. If this statistic is true, how do we stop and capture these new strains of malware?
Luckily in 2021, there are cyber security best practices, tools, and programs that you can use to provide a holistic and layered approach towards your cybersecurity program.
Here are a few best practices that you may want to consider to help you protect your company from cyber threats:
- Keep your cyber security tools and applications updated. Many cloud-based applications are constantly updating their security software to keep their clients’ data and financial records secure. Unfortunately, they are not responsible for your security if your data is breached. If you have older antivirus software, make sure that you are pushing out security updates and patches as often as possible until you can update and invest in cloud security tools that protect your company’s assets with machine learning and advanced threat protection techniques. This will save you time and money and help you respond to threats in minutes instead of days or weeks.
- Do not click on suspicious links or attachments. Most malware comes from phishing emails or text messages that come to your devices. If you see a link that you are not familiar with, just mark the email as spam, delete the message, or block the text notification from coming into your inbox.
- Use strong passwords and change them often. Changing passwords to all of your applications is a must for 2021. I recommend changing your passwords every 30 or 60 days. If you are able to enable multi-factor authentication on your systems, such as email and applications, do so. This will help against hackers trying to break into your data or financial records. Another avenue to explore would be investing in a password manager or an identity provider to keep your passwords and login procedures safe.
- Leverage behavior-based detection tools. The security industry has created tools that use machine learning and behavior-based detection to capture polymorphic malware. Advanced threat detection solutions like endpoint detection and response can identify threats in real time before any of your data is compromised. Behavior-based malware protection is more accurate than traditional antivirus tools that only detect signature-based malware.
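The contrast between signature-based and behavior-based detection described above can be shown in a few lines. This is an added illustration, not code from any vendor product: the sample bytes, the hash database, the telemetry records, the process lists, and the scoring weights are all constructed assumptions.

```python
import hashlib

# Constructed, inert bytes standing in for two variants of one program.
# Variant B differs only by padding, as a polymorphic re-pack would.
VARIANT_A = b"SAMPLE-PAYLOAD-BODY"
VARIANT_B = VARIANT_A + b"\x00\x00pad"

# Hypothetical signature database: hashes of samples already catalogued.
KNOWN_BAD_HASHES = {hashlib.sha256(VARIANT_A).hexdigest()}

def signature_match(data: bytes) -> bool:
    """Legacy check: flag a file only if its exact hash is already known."""
    return hashlib.sha256(data).hexdigest() in KNOWN_BAD_HASHES

# Constructed endpoint telemetry: (parent process, child process, action).
# Both variants produce this same chain of behavior once they run.
EVENTS_VARIANT = [
    ("winword.exe", "powershell.exe", "process_start"),
    ("powershell.exe", "", "outbound_connection"),
    ("powershell.exe", "", "registry_run_key_write"),
]
EVENTS_NORMAL = [
    ("explorer.exe", "winword.exe", "process_start"),
    ("winword.exe", "", "file_save"),
]

OFFICE_APPS = {"winword.exe", "excel.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "wscript.exe", "cmd.exe"}
FOLLOW_UP_ACTIONS = {"outbound_connection", "registry_run_key_write"}

def behavior_score(events) -> int:
    """Score what the process does, independent of what its bytes look like."""
    score = 0
    spawned = set()  # script hosts launched by an office application
    for parent, child, action in events:
        if (action == "process_start" and parent in OFFICE_APPS
                and child in SCRIPT_HOSTS):
            score += 2  # a document viewer launching a script interpreter
            spawned.add(child)
        elif parent in spawned and action in FOLLOW_UP_ACTIONS:
            score += 1  # that interpreter reaching out or persisting
    return score

def behavior_alert(events, threshold: int = 3) -> bool:
    """Alert when the accumulated score reaches the (assumed) threshold."""
    return behavior_score(events) >= threshold

if __name__ == "__main__":
    print("signature A:", signature_match(VARIANT_A))   # catalogued sample
    print("signature B:", signature_match(VARIANT_B))   # re-packed variant
    print("behavior alert:", behavior_alert(EVENTS_VARIANT))
```

The hash check misses the padded variant because any byte change produces a new hash, while the behavior rule fires for either variant because the activity chain is unchanged.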
Cybersecurity has become a hot topic of conversation for every person and business that exists in today’s digital world. With the majority of individuals still working from home, the rise of data breaches and financial risk is at an all-time high. If you have to access the internet, then the possibility of being breached is high. You must implement a security practice with education, best practices, and a layered approach to your security program. It’s not a matter of being unbreachable, as no one tool provides complete protection. It’s a matter of how fast you are able to detect, respond, and remediate the problem when you are breached.