Recent research in the US found that more than 50% of all small and medium-sized businesses have been hacked at some point, and nearly 75% were unable to restore all of the lost data.
Similarly, in the UK, latest research shows that 87% of small firms and 93% of large firms experienced a cyber security breach.
The two most common forms of cyber attack are phishing — gathering sensitive information under false pretences — and watering holes — installing malware on websites that will be visited by the target group.
Many people mistakenly believe that their anti-virus software also protects them from malware. A two-month study by Palo Alto Networks has identified 26,000 unique malware samples that were completely undetected by existing anti-virus solutions. Further, the study found that web-based malware stays hidden for an average of 20 days before being detected, as opposed to five days for email-based malware.
Malware is a real threat and should not be taken lightly.
So, what is the difference between a ‘virus’ and ‘malware’?
Viruses are a type of malware that has been designed to replicate and spread. According to Life Hack, “malware is a broad term used to describe all sorts of unwanted or malicious code. Malware can include viruses, spyware, adware, trojans, worms and more.”
Today, even amid all the hype around Ebola, just mention the word ‘virus’, and everyone knows that you could be referring to an information security term. But the term ‘malware’ is not well known. This is largely due to the fact that most security companies have focused their marketing efforts on antivirus campaigns, due to the notoriety of the term ‘virus’.
According to AppRiver, one in 10 emails sent in January was malicious. By ‘malicious’, it implies that the email contains links to sites or attachments that, when clicked or opened, will automatically download some form of malware onto your computer.
Experts advise that most of the popular tools out there will scan for all types of malware, but you should always make sure that your choice of software does this as well. Only visit safe websites, don’t click on suspicious links and keep your software up-to-date. These general rules will keep you pretty well protected.
A few ways to check whether you are protected against malware are to ensure that:
- all devices connected to the Internet have malware protection software installed;
- your malware solution automatically updates and conducts regular scans;
- the solution performs website blacklisting; and
- the malware protection software is configured to scan files automatically upon access, such as when downloading, opening files or accessing web pages.
Malware protection is one of the five key areas highlighted in the Cyber Essentials scheme, and against which organisations seeking certification are assessed. The Cyber Essentials scheme provides businesses small and large with clear guidance for good basic cyber security practice. IT Governance offers unique solutions to help you meet the requirements of the Cyber Essentials scheme at a pace and for a budget that suits you.