We can stop file-encrypting ransomware with routine updates and basic IT security.
Gulf Breeze, FL (PRWEB) December 31, 2015
AppRiver, a leading provider of email messaging and Web security solutions, today issued its predictions for the coming year. Its team of analysts used indicators gathered from analysis of recent malware developments and criminal activity to determine how the threat landscape will evolve in the near future.
- Evolving Ransomware: Following the FBI’s recent recommendation that file-encrypting ransomware victims pay the ransom instead of trying to negotiate their files back, hackers will continue to innovate new attacks that push the mark.
- The Internet of Things (IOT): With wearable tech, mobile devices and payment portals all synching together, one breach gains entry to considerable amounts of data. When vulnerabilities exist in any popular OS, and hackers know about them, it is only a matter of time before they are exploited.
- Bring Your Own Device (BYOD): While it saves costs, allows employees the flexibility to work from anywhere and to choose their own devices, BYOD makes security policies, such as updates and patches, cumbersome to implement and nearly impossible to enforce since the security rests in employee hands. With these combined factors, attacks targeted at businesses through their employees’ personal devices is likely to increase.
Individuals are often willing to store personal information in the cloud, but reluctant when it comes to effective, simple IT security, such as having a complex password or PIN explains Troy Gill, manager of security research at AppRiver.
“A world of valuable, sensitive and personal data is stored in the cloud, most of it accessible from multiple devices that might not have up-to-date security,” he said. “The situation is ripe for more, and more successful, hack attempts, especially across public Wi-Fi networks."
Security analyst Jon French adds that often-haphazard BYOD security measures will spell trouble from the IOT as well. “Those same personal devices that aren’t being secured could be a ticket inside an organization’s network for reasons as mundane as no one thought to secure them,” French said. “With more and more companies allowing and even relying on the use of privately owned devices, the risk to businesses is growing faster than many of them comprehend. Sorting out the appropriate levels of security and responsibility for Internet-enabled devices will likely be a complex and ongoing work in progress."
By contrast, the solution to ransomware is much simpler, even if it’s no easier.
“The FBI recently told the public that we are better off paying ransom than working with law enforcement to catch the criminals,” said Fred Touchette, senior security analyst at AppRiver. “But that’s true only after a successful breach. Everyone should remember that we can stop file-encrypting ransomware with routine updates and basic IT security. Still, we expect such attacks to increase because too many companies still aren’t backing up their data and because extortion promises to remain very profitable for the bad guys.”
Whether it’s IOT, BYOD, or ransomware, simple precautionary steps, such as routine software and firmware updates, double authentication password protection, and layered IT security can greatly diminish the chance of a successful hack.
To safeguard a network from malware, AppRiver security analysts recommend the following tips:
- Routine software and hardware updates often contain security patches to ward off present malware vulnerabilities.
- Daily file backups can eliminate the need of an organization to pay a ransom if they fall victim to ransomware.
- Strong passwords combined with double authentication reduces a hacker’s odds of being able to correctly guess the answers.
- Redundant IT security, including email and Web protection, creates multiple blockades for hackers. An employee cannot accidentally infect his company’s network with malware by opening a rogue attachment if it was never delivered to his inbox.
- Public Wi-Fi networks should be avoided if possible, as hackers often take advantage of the “shared network” and use it to steal information off of individuals’ devices.
For a complete list of 2016 predictions and more security tips, please visit http://blog.appriver.com/2015/12/2016-it-security-predictions/.
AppRiver is a Software-as-a-Service (SaaS) provider offering award-winning email and Web security solutions to businesses of all sizes. Understanding the need to protect networks from today's increasingly complex IT threats, AppRiver offers businesses a comprehensive, yet affordable subscription-based solution that incorporates the latest spam and virus protection, email encryption and Web security on the market. In addition, the company provides a complete managed service for Microsoft Exchange, as well as a bundled Office 365 solution. Since its inception, AppRiver has sustained an impressive 93% customer retention rate while growing its customer base to more than 47,000 companies and 8.5 million mailboxes worldwide. The company maintains offices in Florida, Georgia, Texas, New York, Switzerland and Spain, and is led by an Ernst & Young Florida Entrepreneur of the Year award winner. To learn more, visit AppRiver online, Facebook, LinkedIn and Twitter.