The 7 Layers of Malware Defence
15 November 2017
What is the best technology or best method to overcome malware and cybercrime? This is a question we get asked a lot, especially with cybercrime on the rise across Australia and the world. A report by Telstra found after thorough investigations that cybercrime had almost doubled throughout 2016, with Telstra security solutions director Neil Campbell stating that:
‘…more than half of all businesses experienced a ransomware attack last year – 30% of Australian businesses surveyed have had a business email compromise and the number of Distributed Denial of Service (DDoS) networks attacks are up by more than 200%’ 
Handling IT Security and Malware defence goes deeper than just one or two security methods, such as MailGuard or EPS. The best defence for any organisation is what we call a ‘layered’ defence.
Organisations with a ‘layered’ defence are far more likely to be able to defend themselves without being compromised or suffering data and financial loss. A layered defence is part of a strong security posture, which is how well prepared an organisation's security defences are.
But what is a layered defence? Essentially, it means using multiple security layers to protect different areas of your organisation in the IT space. This usually includes seven key areas:
1. Staff Knowledge
Staff knowledge is one of the least expensive and most effective forms of malware defence. By educating your staff you can ward off around 80% of malware attacks before they begin. This is because most malware requires some form of human interaction to be successful. This can include opening a spam email, downloading an infected attachment or inserting a Trojan USB drive into one of your organisation's PCs. When an organisation's staff have been trained to spot the warning signs of a malware attack, most threats can be easily avoided.
2. Email Defence
Email defence should be standard for all organisations these days, no matter how big or small. One of the most trusted providers, MailGuard (https://www.mailguard.com.au/), offers subscription-based email defence software which uses AI to assess and block emails that may be infected or carrying malicious software. Email is by far the most common injection method for malware, making email defence a top priority for businesses these days.
3. Web Defence
Web defence is the next most common platform for organisations to use after email defence. Web defence programs are designed to protect users who are web browsing by blocking harmful content before the user can access the website. This protects the user from venturing into a website with malicious content and incidentally having their PC infected with a virus or malware. When selecting an appropriate web defence software check whether it can stop attacks at the DNS layer, before the page loads. This is an important detail and is what separates the good from the great web defence products available.
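To show what "stopping an attack at the DNS layer" means in practice, here is an added sketch (not code from any product named on this page) of the decision a filtering resolver makes before the browser ever connects. The blocklist entries, the sinkhole address and the `fake_upstream` resolver are constructed assumptions.

```python
# Constructed blocklist; the .example names are placeholders, not real indicators.
BLOCKLIST = {"malware.example", "phish.login.example"}
SINKHOLE_IP = "0.0.0.0"  # assumed answer handed back for blocked names


def normalise(name: str) -> str:
    """DNS names are case-insensitive and may carry a trailing root dot."""
    return name.strip().rstrip(".").lower()


def matched_rule(qname: str, blocklist=BLOCKLIST):
    """Return the blocklist entry covering qname, or None.

    Matching is done on whole labels, so 'malware.example' also covers
    'cdn.malware.example' but never 'notmalware.example'.
    """
    labels = normalise(qname).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in blocklist:
            return candidate
    return None


def resolve(qname: str, upstream):
    """Answer a query: sinkhole blocked names, forward everything else."""
    rule = matched_rule(qname)
    if rule is not None:
        # The upstream resolver is never asked, so the client never learns
        # the real address and the page cannot start loading.
        return {"name": qname, "action": "block", "rule": rule, "answer": SINKHOLE_IP}
    return {"name": qname, "action": "allow", "rule": None, "answer": upstream(qname)}


def fake_upstream(qname: str) -> str:
    """Stands in for a real recursive resolver (constructed answer)."""
    return "192.0.2.10"


if __name__ == "__main__":
    for name in ("CDN.Malware.Example.", "notmalware.example", "intranet.example"):
        print(resolve(name, fake_upstream))
```

Logging the `rule` field of each blocked answer also gives the security team a record of which device tried to reach which blocked domain.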
4. Patching
Patching is the process of applying updates to software. As software ages, security loopholes open up and the providers of that software release updates, known as patches, to cover them. Patching refers to the process of applying these updates to keep the software's security up to date. Patching is a manual process, usually requiring an IT manager or engineer to ensure patches are applied correctly and in a proficient and timely manner.
5. End-Point Security
An extension of Email & Web Defence is End-Point Security. This is a newer defence method which is taking on far greater importance with the advent of cloud technologies and with web access spreading to phones and tablets. Each device with web access becomes an end-point, which is a potential open door for malware. Guarding these end-points is now more or less as important as email defence in protecting an organisation. Top quality providers of End-Point Security include Kaspersky (https://www.kaspersky.com.au/) and McAfee (https://www.mcafee.com/au/products/endpoint-protection/endpoint-security.aspx).
6. Two-Factor Authentication (2FA)
2FA stands for Two-Factor Authentication, which is one of the newest security protocols, previously reserved for high-end legal firms, financial institutions, government offices and any other organisation with especially sensitive or valuable information. 2FA is becoming far more widespread and is now more of a standard as malware attacks continue to escalate in sophistication and ability. 2FA requires access to applications with a password (one factor) and a key/token (second factor), such as a temporary generated code from the user’s phone. This effectively renders brute force attacks and many other malware attacks useless, as the only way to gain access is through knowing the temporarily generated code. One of the top quality providers of 2FA is Kaseya (https://www.kaseya.com/).
7. Complete Backups
Backups are less of a defence mechanism and more of an insurance policy for organisations. When an organisation has regular, recent backups, it is able to quickly and easily restore its files and data should it be taken hostage by malware or suffer a disaster. Organisations without backups are far more vulnerable in such situations and may have no choice but to pay the ransom and still lose millions in data. While everything else on this list works to prevent a malware attack, backups work to save an organisation after it has been attacked and to bring it back from the brink of destruction.
So for organisations wishing to defend themselves, the best method is to use multiple firewalls protecting different endpoints and areas of the organisation. There is no single silver bullet that defends against and defeats all malware. Malware will continue to evolve and defence mechanisms must evolve with it.
For now, the easiest and least expensive way you can begin defending yourself against malware is to make yourself aware of the signs of a malware attack. See this video here on how to spot a suspicious email: https://www.youtube.com/watch?v=P-qimBNJHII
If your organisation still has any questions about its security posture, please feel free to reach out for a discussion or consultation on 1300 133 966 or email us at firstname.lastname@example.org