Phishing, exploits and botnets – how they can affect your business
More often, companies are the targets of cybercriminals, regardless of their size. The attacks usually end with sensitive information being stolen, leaving the business in a very difficult situation.
In fact, ransomware cases (please link the word Ransomware to our “What is Ransomware piece) have multiplied over the last few months. The attackers encrypt the information they get from companies in order to demand a ransom afterwards, threatening to otherwise destroy all data if it is not paid within a specified period of time.
It’s necessary to distinguish between the damage caused by a computer threat and by a cyberattack.
Computer threats are malware samples that try to infect the highest number of systems possible. They make no differentiation between home or business computers.
Cyberattacks usually have a more specific target, contrary to what most people think, the majority of these cyberattacks use well-known techniques (sending malicious attachments or links in emails), and usually exploit vulnerabilities when the corresponding security patch has not yet been applied.
In fact, one of the most popular techniques for accessing sensitive information from corporate employees, such as their credentials to access the internal resource, is still phishing. Fake web pages masquerading as legitimate ones that grant access, for instance, to the corporate email system can cause serious trouble if the person typing his/her credentials does not realise that the page he/she is using is a fake.
Criminals prepare fraudulent messages and send them to email addresses found in employee business cards, in their web contact information and even in social networks.
It is quite easy for an attacker who knows how to design a convincing-enough looking email to make someone click on a link, leading them to a trap.
Moreover, these emails can be used to attach files which are likely to be opened by the employees. With the extremely simple technique of using file names like “Billing2015” or “AnnualStrategicPlan”, many users will probably open the files, despite the fact they are executables hidden in a .ZIP compressed file.
In fact, in last year’s ESET Security Report found that in SMBs phishing and exploitation of vulnerabilities occurred in 48.43% and 47.35% of the cases, respectively.
That is why it is important to keep the system and its applications updated to the latest version. Otherwise, we are taking the risk of using a vulnerable system like Windows XP, which potentially jeopardises the integrity of all the data unless we protect it with a security tool that is able to detect those exploits and block them.
ESET SA’s CEO Carey van Vlaanderen suggests “Instead of trying to recover from such an incident companies should try to avoid it in the first place by protecting assets from possible risks, defining the procedures to follow in case of infection, implementing controls to guarantee security policies are followed, educating company staff, and performing regular audits and risk assessments, among other measures.”
There is quite a lot of work to do in a company to safeguard its information. Not everything is about implementing security solutions capable of protecting against phishing or exploit campaigns, which also detect system vulnerabilities: these measures need to be complemented with a series of policies and best practices.
The new generation of ESET’s business solutions was developed while taking into account the requirements of real users, to protects them from all these security risks so that their data is secure. With the right protection, companies can enjoy safer technology and get more done.
ESET Company Profile
Who we are
ESET began life as a pioneer of antivirus
protection, creating award-winning threat detection
software. Now, ESET’s goal is
to make sure that everyone can enjoy the
breath-taking opportunities that technology
offers. Today, our security solutions allow
businesses and consumers in more than 180
countries to make the most of the digital
Helping to unlock the great online
While you explore the digital world, ESET unobtrusively
protects and monitors 24/7, updating
your defences in real-time to keep you safe.
Our vision is a secure digital world for
everyone; our mission is to provide the
products to achieve that. This ambition shapes
our culture, informs our thinking and regulates
our behaviour as a company.
We want to make sure that your technology
is always working for you: constantly
broadening your horizons, and never getting
in your way. Your experience and feedback,
and the skills of the passionate people working
in our research centers around the world, are
helping us to build a safer digital world
Securing your business,simply and effectively
We believe that managing security needn’t
be complex and stressful, and our products
reflect this belief.
We might be a security solutions provider, but
we’re also a regular company. Like you, our
business customers, we’re always striving to
be more efficient and effective in order to keep
growing – and we know that when our people
are free to think, explore and enjoy, rather than
being distracted or worried, they produce their
When protecting a business, the equation is
simple: keep your infrastructure secured at the
highest level, whilst saving your staff valuable
Home | Eset | Website | ITNewsAfrica.com