Anti-virus programs aren't enough • Blisstech Solutions

Today, many business owners install an antivirus program as their single line of defence and call it a day. However, there are many ways to get into a network that circumvents anti-virus.

Hackers are creating malware faster than anti-virus programs can recognise them (about 100,000 new threats are released daily), and professional cybercriminals test their creations against all commercially available platforms before releasing them.

Even if you had a perfect anti-virus program that could detect and stop every single threat, there are many attacks that circumvent anti-virus programs entirely. For example, if a hacker can convince a user to reveal their password using social engineering and install a legitimate remote access tool via a waterholing attack, anti-virus is not going to save you when they remote into your business and get to work.

There are several vulnerabilities a hacker can target: the physical layer, the human layer, the network layer, and the mobile layer. You need a defence plan that will allow you to quickly notice and respond to breaches at each level.  Network and mobile layer protections are well known, but you may not be familiar with the layers and how to protect them.

Physical Layer

The physical layer refers to the computers and devices that you have in your office. It is exploited surprisingly often. However, it is the easiest to defend.

Here are a few examples:keyboard in chains

  • In 2015, 60% of California businesses reported a stolen smartphone and 43% reported losing a tablet with sensitive information.
  • The breaches perpetrated by Chelsea Manning and Edward Snowden occurred because they were able to access devices with sensitive information.
  • As an experiment, Comptia left 200 USB devices in front of various public spaces across the country to see if people would pick a strange device and insert it into their work or personal computers. 17% of consumers fell for it.

For the physical layer:

Keep all computers and devices under the supervision of an employee or secured at all times.
Only let authorised employees use your devices.
Do not plug in any unknown USB devices.
Destroy obsolete hard drives before throwing them out.
In short, taking responsibility for data security involves a lot more than just a software program.

Human Layer

Humans are the weakest link for cybersecurity. A hacker only needs to find one poorly informed, curious or careless employee and they potentially have the keys to your businesses IT.  Some of the techniques employed by the hacker are social engineering, phishing and waterholing and all are designed to trick a user into doing something they shouldn’t.   Some examples of famous security breaches that were results of the human layer are:

  • In 2011 the security company RSA was hacked which was just the starting point that led to the attack against the ultimate target, Lockheed Martin.  The attack started with an Excel document, sent to a small group of RSA employees, via email, which contained a malicious code which opened a backdoor for the hackers.
  • Sony was famously hacked in 2014. Thousands of files, including business agreements, financial documents and employees’ information, were stolen. They were targeted by a spear-phishing attack which looked like emails from Apple.
  • In 2016 the Democratic National Committee was hacked which famously led to emails being published on Wikileaks.   The hackers used spear-phishing with an email, that looked just like it had been sent by Google, requesting that the user reset their password due to malicious activity.  This tricked the user into entering their password, giving the hackers access to their email accounts.

Protection for the human layer comes down to training and education.  Following the training, you need to keep users on their toes and there are services available that will send users fake phishing emails and report who clicked on things they shouldn’t have.  Don’t get hacked because of PEBKAC. Educate and empower your users to be your first line of defence!

Learn more about how Blisstech Solutions cyber-security services can help. Contact us at 01299 382 321 or [email protected].

More Content

Phishing – If you’re under pressure to take urgent action – stop and think

Phishing scams are one of the biggest security threats to your business right now and cybercriminals are always coming up with new phishing techniques. A massive 83% of organisations said they suffered successful attacks last year. And with just under a third of...

Windows 11 optional update: Why it’s better to wait  

Microsoft has just announced an option for people to trial new features before their general release in Windows 11.  This isn’t about fixes to security flaws – everyone gets those at the same time.   This is an opportunity for businesses to jump the queue to receive new features and updates first.  Sound exciting?   Yes!   Worth the risk?   Not quite.  Our …
Read More

When can you finally forget your password?

Passkeys are set to take over from traditional passwords to give us a safer, more secure way of logging into our online accounts.

How to use footnotes and endnotes in Word

Tech Tip: How to use footnotes and endnotes in Word

This Tech Tip is another tip for Microsoft Word. If you use Word to write documentation, contracts or any other type of detailed document, then this tip is for you. Usually, when you write such a document, you may need to expand on certain sentences without making the...
Cloud server hacks video thumbnail

Make sure your cloud server is protected from this

Using a cloud server to drive your business’s technology is a smart idea. The benefits are huge. You can use as little or as much storage as you need, without having to worry about limitations or huge bills. Perfect for growing businesses. Your team can access any...
Snip and Sketch video thumbnail

Tech Tip: How to use the Snip and Sketch tool

This is a Tech Tip on how to use the really handy Snip and Sketch Tool built into Windows. Who said that "a picture paints a thousand words"? I'll leave you to Google that one as I couldn't work it out! Anyway, there are times when an image is the best way to...

Is working from home really good for your business?

Working from home. Or remote working, as it’s now called. It’s the big thing in business, isn’t it? And some people love it. They’re happier working where they want, and when they want. And that makes them more productive and less likely to leave. But have you stopped...

Some bosses think their people do less when working from home

Microsoft has become the leader of productivity over many decades. Can you imagine doing your day to day work without their software? So it’s no surprise the tech giant recently conducted a major new survey into productivity in the workplace – and some of the results might surprise you. Researchers surveyed 20,000 people working for […]

How to Secure Your Business from Cyber Threats in 2024: A Free Guide

Protect your business from these cybersecurity threats in 2024 We’re weeks away from the new year. And this is a great time to start thinking about what needs to get better in 2024. We believe you should allocate more of your business’s precious resources to the...

Tech Tip: How to create a scheduling poll using Outlook

Welcome to a new Tuesday tech tip video where we will be exploring how to create a scheduling poll using Outlook. You know what it's like when you are trying to get everyone together for a meeting. Trying to find a time that suits everyone can be a real pain! There...
Share This
Contact
Love Lane
Cleobury Mortimer
Shropshire DY14 8PE

01299 382 321
[email protected]
Copyright © 2023 Blisstech Solution Ltd
Registered No: 08125391 VAT No : 307 5490 05