Anti-virus programs aren't enough • Blisstech Solutions

Today, many business owners install an antivirus program as their single line of defence and call it a day. However, there are many ways to get into a network that circumvents anti-virus.

Hackers are creating malware faster than anti-virus programs can recognise them (about 100,000 new threats are released daily), and professional cybercriminals test their creations against all commercially available platforms before releasing them.

Even if you had a perfect anti-virus program that could detect and stop every single threat, there are many attacks that circumvent anti-virus programs entirely. For example, if a hacker can convince a user to reveal their password using social engineering and install a legitimate remote access tool via a waterholing attack, anti-virus is not going to save you when they remote into your business and get to work.

There are several vulnerabilities a hacker can target: the physical layer, the human layer, the network layer, and the mobile layer. You need a defence plan that will allow you to quickly notice and respond to breaches at each level.  Network and mobile layer protections are well known, but you may not be familiar with the layers and how to protect them.

Physical Layer

The physical layer refers to the computers and devices that you have in your office. It is exploited surprisingly often. However, it is the easiest to defend.

Here are a few examples:keyboard in chains

  • In 2015, 60% of California businesses reported a stolen smartphone and 43% reported losing a tablet with sensitive information.
  • The breaches perpetrated by Chelsea Manning and Edward Snowden occurred because they were able to access devices with sensitive information.
  • As an experiment, Comptia left 200 USB devices in front of various public spaces across the country to see if people would pick a strange device and insert it into their work or personal computers. 17% of consumers fell for it.

For the physical layer:

Keep all computers and devices under the supervision of an employee or secured at all times.
Only let authorised employees use your devices.
Do not plug in any unknown USB devices.
Destroy obsolete hard drives before throwing them out.
In short, taking responsibility for data security involves a lot more than just a software program.

Human Layer

Humans are the weakest link for cybersecurity. A hacker only needs to find one poorly informed, curious or careless employee and they potentially have the keys to your businesses IT.  Some of the techniques employed by the hacker are social engineering, phishing and waterholing and all are designed to trick a user into doing something they shouldn’t.   Some examples of famous security breaches that were results of the human layer are:

  • In 2011 the security company RSA was hacked which was just the starting point that led to the attack against the ultimate target, Lockheed Martin.  The attack started with an Excel document, sent to a small group of RSA employees, via email, which contained a malicious code which opened a backdoor for the hackers.
  • Sony was famously hacked in 2014. Thousands of files, including business agreements, financial documents and employees’ information, were stolen. They were targeted by a spear-phishing attack which looked like emails from Apple.
  • In 2016 the Democratic National Committee was hacked which famously led to emails being published on Wikileaks.   The hackers used spear-phishing with an email, that looked just like it had been sent by Google, requesting that the user reset their password due to malicious activity.  This tricked the user into entering their password, giving the hackers access to their email accounts.

Protection for the human layer comes down to training and education.  Following the training, you need to keep users on their toes and there are services available that will send users fake phishing emails and report who clicked on things they shouldn’t have.  Don’t get hacked because of PEBKAC. Educate and empower your users to be your first line of defence!

Learn more about how Blisstech Solutions cyber-security services can help. Contact us at 01299 382 321 or [email protected].

More Content

You’ve heard of Copilot… but what is it?

You’ve heard of Copilot… but what is it?

You might have heard about Microsoft Copilot, but what is it? And will it really make a difference to your workday or business? We explain it all here.

Copilot is bringing another productivity boost to Teams

Copilot is bringing another productivity boost to Teams

Teams is getting some Copilot-powered updates that will boost your business’s productivity even further. Here we tell you all about it.

Tech Tip: How to use a Password Manager

This Tech Tip is a tip on how to manage your passwords. It's a long tip this week, but that's because there is a lot to tell! With so many things being done online now, passwords are needed constantly.  But with the advice that every password should be unique and not...
You’re ready for the upgrade… what’s holding you back?

You’re ready for the upgrade… what’s holding you back?

Still not upgraded your business to Windows 11? You’re missing out, and what for? It’s free to upgrade and easy. Find out more here.

LinkedIn takes action to tackle fake accounts

LinkedIn is introducing new verification features over the coming months to help tackle fake accounts. The business-focused social platform is a fantastic place to connect with like-minded businesspeople, and to find new employees, jobs and opportunities. But thanks to this popularity, we’re seeing an increase in fake profiles, created by scammers for more sinister purposes. Bot-like accounts have been cropping …
Read More

How to scan a QR code with your phone

As more venues open up for face to face meetings, some are introducing their own track and trace systems using a QR code that you need to scan with your mobile phone. But how? This video explains how to scan a QR code with your phone so you are not trying to figure it...

Tech Tip: How to add an email alias as FROM address in Outlook

You've been using Microsoft Outlook for a while now and you're comfortable with the interface. But there's one thing you still haven't figured out how to do- send an email from an alias address. Microsoft 365 has made it possible to easily add a new FROM address in...
Child working at a laptop

Donated Laptops for Lockdown Learning

A Digital Divide It is a shocking fact that 9% of children in the UK, between 1.1 and 1.8 million, do not have a computer, laptop or mobile device in their home, according to research carried out by Ofcom. This pandemic is shining a stark light on the gap in provision...

Don’t Overlook Home Worker Security

Protecting Home Workers and Your Business In the current work-from-home landscape, business security strategies often overlook one crucial aspect: home office security. This oversight creates vulnerabilities that cybercriminals are actively exploiting. With more...
Cyber extortion: What is it and what’s the risk to your business?

Cyber extortion: What is it and what’s the risk to your business?

Have you heard of cyber extortion? It’s a very real threat to your business. Here we explain what it is and how to stay safe.

Share This
Contact
Love Lane
Cleobury Mortimer
Shropshire DY14 8PE

01299 382 321
[email protected]
Copyright © 2024 Blisstech Solution Ltd
Registered No: 08125391 VAT No : 307 5490 05